The amount of personal health information (PHI) stored and accessed on mobile devices is ever increasing, with 10,000 mobile healthcare applications existing that allow users to access electronic health records (EHR).
Additionally, one in three physicians own an iPad, and another 28 percent are planning on purchasing one within the next six months. This doesn’t even include the privacy risk that the 64 percent already using a smartphone produces.
With numbers like these, it is clear that a lot of patient data is at jeopardy. In fact, the Office of Civil Rights has reported that within the past two years, the PHI of 1.9 million patients has been exposed. This release of private information is linked to 116 data breaches of over 500 records due to the theft or loss of mobile devices.
These numbers are not only troubling from a legal standpoint, but also from a business view, as consumer confidence in electronic health records wavers in response.
However, this does not need to be the case. The president of ID Experts Rick Kam explained that there are several steps that healthcare providers can take to make certain that patient privacy is maintained and these security breaches are averted.
This includes measures for securing wireless devices such as encrypting any sensitive data, using a password for protection, and setting the lock screen to appear after a short period of time without activity. Additionally, enabling the “remote wipe” feature on mobile devices allows physicians to erase data from lost or stolen devices, preventing situations such as those that have led to the breach of almost two million patients’ information recently.
Other measures that Kam suggests revolve around the protection of healthcare providers’ Wi-Fi networks. This includes suggestions such as using a password protected Wi-Fi network, changing the default service set identifier, and keeping this information private.
By following the steps Kam laid out and relying on best practices, convenience and mobility do not have to mean a simultaneous reduction in privacy standards.