Navigation Links
Mobile Devices Pose New Security Risks for Patients; Five Experts Share Insights on mHealth

PORTLAND, Ore., July 20, 2011 /PRNewswire/ -- Mobile devices have become as common as the stethoscope in patient's rooms. Physicians routinely review patients' electronic health records (EHR), read test results, access diagnostic tools and take patient notes, all with a few touches on their iPad or tablet, smartphone or using a flash drive. These mobile devices are ideal for information sharing and time savings, but they pose huge security risks to patient information.

In less than two years, from September 22, 2009 through May 8, 2011, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) indicates that 116 data breaches of 500 records or more were the direct result of the loss or theft of a mobile device, exposing more than 1.9 million patients' PHI. A panel of five experts in the fields of healthcare IT, security and privacy, data breach and identity theft—Jill Arena, Chad Boeckmann, Rebecca Herold, Rick Kam, and Robert Siciliano—share their insights on how healthcare organizations and providers can optimize mobile health (mHealth) while protecting patients' data.

Electronic Health Records Increase Mobile Device Usage

Sixty-four percent of physicians own smartphones and 30 percent of physicians have an iPad, with another 28 percent planning to buy one within six months, according to a recent Manhattan Research study. 10,000 mobile healthcare applications are available today on the iPad, with a larger number of them created to provide access to electronic health records. Additionally, one-third of physicians use their mobile devices to input to EHR while seeing patients, while the information is fresh.

Experts Offer Their Insights on mHealth

Jill Arena, managing partner, Health Practice Solutions, LLC, consulting and technology solutions, "In many ways, digitizing patient information can make it more secure, but only if the proper security measures are in place. As we move to introduce iPad applications that integrate with physicians' Electronic Medical Records (EMR) products, we can edit, route and capture signatures on patient forms without ever dropping them to paper. This allows physicians and their office staff to recapture valuable staff time, and it keeps paper forms with PHI, Social Security numbers and other sensitive information from floating around the clinic and potentially falling into the wrong hands."

Chad Boeckmann, president, Secure Digital Solutions, LLC, comprehensive privacy strategy, "Anytime an organization extends information beyond its walls, a risk assessment should be conducted to determine the level of security controls, including monitoring of those controls. Mobile devices are a great example of extending the enterprise. Organizations need to understand the complexities of securing mobile devices, applications and the people who use them as part of a well-rounded data security and risk management program."

Rebecca Herold, Rebecca Herold & Associates, LLC, information security, privacy and compliance tools, education and consulting, "In healthcare, doctors and nurses are increasingly using mobile computing devices and storage devices as part of their care giving activities, storing goldmines of patient information on them. Because of the combination of increased business and patient data storage and entrusting mobile workers with mobile computing devices, it is vital that an effective mobile computing device and storage media security and privacy management program is in place. Not only to meet HIPAA compliance requirements, but also to protect your patients and your hospitals and clinics. A key component is providing training and awareness to those staff using such devices. After all, doctors and nurses cannot protect information on mobile devices if they are not taught effective ways to do so. If you don't provide security knowledge to those using mobile devices, privacy breaches will occur."

Rick Kam, president and co-founder, ID Experts, comprehensive data breach solutions, "Many Wi-Fi networks in hospitals and doctor's offices are not secure and coupled with the increased mobile device usage, patient data is at risk. Here are eight things you can do to protect sensitive patient data:

  1. Whenever possible, don't store sensitive data on wireless devices. If required, ensure the data is encrypted.
  2. Enable password protection on wireless devices, and configure the lock screen to come on after a short period of inactivity.
  3. Turn on the Remote Wipe feature of wireless devices.
  4. Enable Wi-Fi network security. Do not use WEP, and only use WPA-1 with strong passphrases. Use WPA-2 if possible.
  5. Change the default SSID and administrative passwords.
  6. Don't transmit your wireless router's SSID.
  7. Only allow your devices to connect by specifying their hardware MAC address.
  8. Implement a Wireless Intrusion Prevention System."

Robert Siciliano, CEO,, personal security and identity theft expert, "Mobile isn't just a convenient new gadget or toy, it's a huge target for criminal hackers and needs to be treated accordingly."

About the Panel of Industry Experts

Jill Arena, managing partner with Health Practice Solutions, LLC, holds a Fellowship from the American College of Medical Practice Executives and has extensive experience in practice start-up and workflow improvement, including the implementation and management of the newest health information technologies. Her professional focus and passion is the intersection of physician-patient-computer. Over the past 15 years, Jill has started more than 37 new clinics, where she has introduced EMRs and implemented complete clinical IT systems.

Chad Boeckmann, president of Secure Digital Solutions, LLC, assists organizations in government, financial, healthcare and retail industries to achieve information security and compliance goals. Since 2005 Secure Digital Solutions (SDS) continually enables companies to gain confidence and trust from their clients and auditors through IT security and regulatory compliance services. Clients continually rely upon SDS to deliver customized solutions, thought leadership, a strong work ethic and exceptional client service. SDS provides value by delivering business services and solutions effectively and tailor solutions to achieve client requirements.

Rebecca Herold, CISM, CISSP, CISA, CIPP, FLMI, The Privacy Professor®, has more than two decades of information security, privacy and compliance experience. Rebecca is a partner and subject matter expert for the first cloud-based HIPAA/HITECH compliance service, Compliance Helper ( As owner and principal of Rebecca Herold & Associates, LLC, Rebecca is a widely recognized and respected information security, privacy and compliance expert and has been named multiple times as a "Best Privacy Adviser in the World" by Computerworld. She is currently working on her 15th published book.

Rick Kam, CIPP, is president and co-founder of ID Experts, and chairman of the "PHI Project," a research effort to measure financial risk and implications of data breach in healthcare. He is an expert in privacy and information security, with extensive experience leading organizations to address the growing problem of protecting PHI/PII and remediating privacy incidents and identity theft. Previously, Kam spent 20 years at IBM Corporation in sales, management, and customer relationship management consulting.

Robert Siciliano, CEO of, is committed to informing, educating, and empowering Americans to protect themselves from violence and crime in the physical and virtual worlds. For more than 20 years, Robert has been working in all aspects of security. A blogger, consultant, and speaker on a wide variety of topics including computer security, identity theft, and social networking security, Robert is often interviewed on national television, to give advice to consumers and to weigh in on security issues.

Copyright©2010 PR Newswire.
All rights reserved

Related biology news :

1. Harris Corporations Highband Networking Radio Provides Mobile, Wideband Communications for Empire Challenge 2011
2. New biofuels processing method for mobile facilities
3. Pioneering Use of Mobile Technology to Conduct Clinical Trials in Emerging Economies
4. Animal feed and automobiles make the San Joaquin Valley a smog hotspot
5. Animal feed, not automobiles, makes the San Joaquin Valley a smog hotspot
6. E20 fuel reduces carbon monoxide and hydrocarbon emissions in automobiles
7. milch & zucker Takes ELISE Mobile With JobStairs iPhone App
8. Energy-harvesting rubber sheets could power pacemakers, mobile phones
9. MODA Announces Availability of Third Generation Mobile Data Acquisition Platform
10. Harvard research team receives $10M NSF grant to develop small-scale mobile robotic devices
11. EMBO pioneers pension plan for internationally mobile postdoctoral researchers
Post Your Comments:
(Date:4/4/2017)... , April 4, 2017   EyeLock LLC , ... that the United States Patent and Trademark Office (USPTO) ... covers the linking of an iris image with a ... and represents the company,s 45 th issued patent. ... is very timely given the multi-modal biometric capabilities that ...
(Date:3/30/2017)... KONG , March 30, 2017 The ... a system for three-dimensional (3D) fingerprint identification by adopting ground breaking ... into a new realm of speed and accuracy for use in ... at an affordable cost. ... ...
(Date:3/28/2017)... March 28, 2017 The report ... (Camera, Monitors, Servers, Storage Devices), Software (Video Analytics, VMS), ... - Global Forecast to 2022", published by MarketsandMarkets, the ... and is projected to reach USD 75.64 Billion by ... 2022. The base year considered for the study is ...
Breaking Biology News(10 mins):
(Date:10/11/2017)... ... 11, 2017 , ... ComplianceOnline’s Medical Device Summit is back for its 4th ... in San Francisco, CA. The Summit brings together current and former FDA office bearers, ... and government officials from around the world to address key issues in device compliance, ...
(Date:10/11/2017)... ... October 11, 2017 , ... Disappearing forests and increased ... of over 5.5 million people each year. Especially those living in larger cities are ... - based in one of the most pollution-affected countries globally - decided to take ...
(Date:10/10/2017)... ... October 10, 2017 , ... ... (ADC) therapeutics, today confirmed licensing rights that give it exclusive global access ... developed in collaboration with Children’s Hospital Los Angeles (CHLA). Additionally, an ...
(Date:10/10/2017)... Calif. , Oct. 10, 2017 SomaGenics ... from the NIH to develop RealSeq®-SC (Single Cell), expected ... for profiling small RNAs (including microRNAs) from single cells ... Program highlights the need to accelerate development of approaches ... "New techniques for measuring levels ...
Breaking Biology Technology: