Mobile apps that share files via the cloud may be popular, but they pose risks in a clinical setting, according to a study reported by FierceMobileHealthcare.
The study, which was conducted by the Ponemon Institute, concluded that many health organizations aren’t taking the steps needed to guard protected health information on mobile devices and in the cloud. In fact, more than half of respondents (54 percent) reported having an average of five data breaches involving the loss or theft of a mobile device containing PHI, according to FierceMobileHealthcare.
About 33 percent of Ponemon respondents said they need to access PHI to do their work. That being said, only 15 percent of survey respondents were aware of HIPAA’s security requirements for regulated data on mobile devices. This was the case despite the fact that 33 percent of respondents were part of a HIPAA-covered entity.
Meanwhile, 40 percent of respondents weren’t sure if their organization’s policies on employee access and use of regulated data on mobile devices were HIPAA-compliant. Twelve percent said they were compliant, 31 percent were partially compliant and 17 percent said they were noncompliant.
While healthcare organizations may be playing it a bit fast and loose where use of the cloud via mobile is concerned, they’re still being very cautious where other uses of the cloud are concerned, FierceMobileHealthcare notes.
According to a recent survey by technology vendor CDW, healthcare organizations ranked seventh out of eight industries studied when it came to adoption of cloud computing. According to CDW, healthcare leaders cited security concerns about proprietary data and applications as reasons they’d been reluctant to adopt cloud technology.
There are a few app developers who have come up with remote consultation apps as well. I wonder how those are affected. And though the apps themselves are HIPAA compliant, are the practices actually securing the data they are storing? Interesting read.