How Secure Is Your Mini?
March 6, 2013 by InTouch Health
In telemedicine, it’s imperative for all mobile devices to conform to HIPAA guidelines.
Like most professionals, physicians enjoy using mobile devices. By some estimates, 90% of doctors are already using them at the point of care. And while they like smartphones, they love tablets like the iPad and iPad mini. The latter is rapidly becoming physicians’ mobile tool of choice because its roughly 8 x 5 inch dimensions make it easy to slip in a pocket, yet it’s far better for data entry than a smartphone.
This stampede toward tablets goes by two names in healthcare IT circles: bring your own device (BYOD) and corporately owned/personally enabled (COPE) devices. Most hospitals, long the domain of intranets and bulky laptops, are finally giving physicians what they want…which leads us to the trendiest acronym of all: mobile device management (MDM), where vendors and IT folks support multiple user profiles and secure document sharing.
Unfortunately, many do-it-yourself telemedicine programs and telecom companies have bypassed MDM altogether – and that can be disastrous in healthcare. It’s imperative for all mobile devices used in telemedicine to conform to HIPAA guidelines for patient privacy and secure messaging and imaging.
We’ve all seen media reports about celebrities whose smartphones have been hacked. Imagine the scandal that would erupt if Brad Pitt’s MRI results were suddenly available on the Internet – or if an aging star like Jack Nicholson received a telestroke consultation that went public. HIPAA has a very formal (and no doubt expensive) protocol for reporting these kinds of embarrassing data breaches. The reputation of a hospital system or large practice could be irreparably tarnished overnight.
The easiest way to avoid this trouble is to use only mobile devices and technologies that fully meet HIPAA guidelines – and all InTouch products do, including our new ControlStation app for the iPad and iPad mini.
Some do-it-yourself telemedicine programs are forgetting that if you’re lax on mobile security, it’s going to bite you eventually. Why open the door to compliance fines, PR crises, and potential lawsuits?