ISPP 2015

Career Opportunities in Pharmacy
Worried About Using a Mobile Health Device for Work? Here’s What To Do!


If you are a health care provider, here are some tips for protecting and securing health information when using a smart phone, laptop, or tablet to access, transmit, receive or store patients’ health information. The HIPAA privacy and security rules were issued under the health insurance portability and accountability act. These rules set national standards for protecting P-H-I against unauthorized use or disclosure and safeguards for the confidentiality, integrity, and availability of electronic P-H-I. Health care providers who are HIPAA covered entities must take steps to protect the privacy and security of their patients’ P-H-I. This means whether you are a doctor practicing by yourself, or in a hospital setting, or in a group practice; or you are a healthcare professional such as a nurse, or a therapist, or a home health aide, or you work at a clinic, or physician’s office or other health care facility – you must protect and secure patients’ P-H-I, no matter what kind of technology you’re using. Before you use a mobile device to access, transmit, receive or store patient’s health information, you should educate yourself on the risks of using it, and learn about the safeguards you can put in place to minimize risks. Some of the risks you should be aware of when using a mobile device for work are: the ease of losing your mobile device, the risk of your mobile device being stolen, viruses or other malware you may inadvertently download to your mobile device, the risk of sharing your mobile device with friends, family or coworkers, and risks when accessing and using an unsecured wi-fi network. You need to take action to protect and secure health information when using a mobile device. Possible safeguards include setting a strong password, using encryption, using automatic log off, requiring a unique user id, enabling remote wipe, locking the device, keeping the device with you, using a screen shield, refraining from sharing the mobile device, registering the mobile device with your health care setting, installing a firewall, using a secure wi-fi connection, And researching mobile applications before downloading. You can learn more about these risks and safeguards as well as other tips and information in this video series and on the mobile device privacy and security website. Ultimately, it is your responsibility to follow your office or organization’s Mobile device policies and procedures. If you plan well to minimize risk – and your mobile device is lost or stolen – You’re much less likely to lose health information and with it – your patients’ trust. Create a culture of privacy and security awareness. Reduce the risk of unauthorized access to your patients’ health information. Protecting patient confidentiality increases their trust in your care and reduces the chance of accidental disclosure of patient health information and your organization’s liabilities. Watch the other videos in this series to learn more about identifying and implementing mobile device safeguards, protecting health information against the possibility of devices being stolen, and other tips and information to help you protect and secure patients’ health information. All providers are different and their privacy and security considerations are different. These five videos are examples of some risks and safeguards. They are not all inclusive of every risk and every safeguard you should consider. Visit the mobile device privacy and security website to learn more about practical ways to protect and secure patients’ health information when using mobile devices. Let us know if you have questions we haven’t answered by submitting a comment through the mobile device privacy and security website.

2 thoughts on “Worried About Using a Mobile Health Device for Work? Here’s What To Do!

  1. Is encryption mandatory for mobile devices if storing and transmitting ePHI etc. if other precautions have been taken, like strong passwords, auto logoff, firewalls etc. Thank you.

  2. Not good enough. Information will be shared at will and information sharing without authorization will be hard to be find, no one will be punished and information could even be used by employers for hiring purposes just like facebook!

Leave comment

Your email address will not be published. Required fields are marked with *.