Mobile Apps Pose Security Risks

Posted on July 11, 2013 I Written By

Katherine Rourke is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

Mobile apps that share files via the cloud may be popular, but they pose risks in a clinical setting, according to a study reported by FierceMobileHealthcare.

The study, which was conducted by the Ponemon Institute, concluded that many health organizations aren’t taking the steps needed to guard protected health information on mobile devices and in the cloud.  In fact, more than half of respondents (54 percent) reported having an average of five data breaches involving the loss or theft of a mobile device containing  PHI, according to FierceMobileHealthcare.

About 33 percent of Ponemon respondents said they need to access PHI to do their work. That being said, only 15 percent of survey respondents were aware of HIPAA’s security requirements for regulated data on mobile devices.  This was the case despite the fact that 33 percent of respondents were part of a HIPAA-covered entity.

Meanwhile, 40 percent of respondents weren’t sure if their organization’s policies on employee access and use of regulated data on mobile devices were HIPAA-compliant. Twelve percent said they were compliant, 31 percent were partially compliant and 17 percent said they were noncompliant.

While healthcare organizations may be playing it a bit fast and loose where use of the cloud via mobile is concerned, they’re still being very cautious where other  uses of the cloud are concerned, FierceMobileHealthcare notes.

According to a recent survey by technology vendor CDW, healthcare organizations ranked seventh out of eight industries studied when it came to adoption of cloud computing.  According to CDW, healthcare leaders cited security concerns about proprietary data and applications as reasons they’d been reluctant to adopt cloud technology.