Comprehensive Security Strategy Recommended for Use of Mobile Devices

Widespread use of unsecured mobile devices in healthcare creates risks and vulnerabilities to the privacy and security of protected health information (PHI), yet many healthcare facilities have yet to comprehensively address the issue. As mobile devices are increasingly used to transmit electronic PHI (ePHI) and as updated federal health information privacy and security regulations require compliance, facilities must take comprehensive measures to identify and mitigate health information security and privacy risks and vulnerabilities. An article in the February 19, 2013, issue of hfm identifies strategies and focuses on one organization’s mobile ePHI security efforts. These include policies and procedures that allow the organization to upload security software on employees’ personal mobile devices and wipe out the device when unforeseen incidents pose a potential security threat.