Mobile Devices and Healthcare Information Security
Healthcare has come a long way in the 21st century. Today one can find out almost anything on the World Wide Web. Similarly, when it comes to monitoring one’s health, there are several technology tools designed to cater to people’s needs. With the explosive growth of smartphone applications (apps), many businesses have begun delivering their services through mobile devices or other high-speed technology devices. Accessing health information through a mobile device is as popular as accessing financial, entertainment, and social networking information. As a result, healthcare companies are developing mobile device applications for consumers.
Mobile devices are convenient for accessing healthcare information. However, users and health IT administrators should consider all the sensitive information that is being transmitted. The risks are unquantifiable in the event of a data leak from a compromised network. Companies have to perform a risk-benefit analysis to determine if the benefits outweigh the consequences.
For example, Company XYZ, a healthcare provider, generates $3.2 million in revenue after going live with a new healthcare mobile application. Suppose that Company XYZ’s mobile network is compromised and personally identifiable data of patients (e.g., Social Security number, address, medical conditions) is stolen and leaked to the public. As a result, the company’s reputation is ruined and the company will be fined for negligence for not safeguarding patients' health information. Fines for data breaches are very expensive: depending on the nature of the breach, they are between $50,000 and $250,000, with up to ten years' imprisonment if the wrongful conduct involves the intent to sell, transfer, or use identifiable health information for commercial advantage, personal gain, or malicious harm. Companies are taking extra steps to ensure that they are compliant with SOX (Sarbanes–Oxley Act of 2002), HIPAA (Health Insurance Portability and Accountability Act of 1996), and PCI (Payment Card Industry) standards, as well as a number of industry best practices, to prevent their systems from being compromised.
How health IT teams can reduce security risk from mobile devices
To prevent a data leak, health IT security officials should educate their users on the risks associated with using mobile devices for accessing data, install the best firewalls on their mobile network, deploy the latest software patches, and use other top security software to prevent such compromises from happening. Although smartphone technology is an added benefit to our way of life, it can also be an area of vulnerability. Most importantly, healthcare companies need to continuously monitor the systems that house healthcare information to ensure that their patients’ data is safe.