Privacy & Security

Health information security and medical privacy are of utmost importance. mHIMSS seeks to ensure all entities that use, send, or store electronic health information have the tools and knowledge necessary to meet requirements for data confidentiality, integrity, and availability. mHIMSS will equip professionals and organizations with the ability to implement sound risk management practices, and utilize recognized standards and protocols. mHIMSS provides initiatives, tools, and resources that assist professionals and organizations to take the rights steps to formally define policies, procedures and processes when implementing mobile technologies and data exchange, and managing the inevitable workflow changes.

  •  
  • News
  •  
  •  
  • Blogs
  •  
  •  
  • Videos
  •  
  •  
  • White Papers
  •  
  •  
  • Case Studies
  •  
  •  
  • Webinars
  •  
  •  
  • Presentations
  •  
  •  
  • Tools & Topics
  •  

Submit content

ONC wants more resources to conduct PHI privacy campaign February 22, 2012 | Diana Manos The Office of the National Coordinator for Health Information Technology is seeking more information on the risk associated with accessing personal health information through mobile devices.  More
 
mHIMSS tracks at HIMSS12 attract large audiences February 22, 2012 | Eric Wicklund Standing-room-only crowds attend the first mHIMSS-themed sessions Tuesday at the HIMSS12 Conference and Exhibition in Las Vegas, including a session explaining how a New York-based healthcare system developed a basic mobile platform for its physicians.  More
 
BoxTone, Verizon, Motorola launch platform for Android-based devices February 20, 2012 | Eric Wicklund The new platform aims to enable healthcare providers to push their services out into the field – whether it be a homecare agency, a remote clinic or the battlefield – through Android-based smartphones and tablets.  More
Experts outline 5 patient-centered social media concerns February 14, 2012 | Michelle McNickle Social media, from Facebook to Skype to Twitter, is making its presence known in the healthcare universe. And with those new methods of communication come new risks of disclosing sensitive data.  More
Doximity's iRounds gives physicians real-time access to expert advice February 8, 2012 | Eric Wicklund The California-based online network, which boasts connections to more than 5 percent of the nation's physicians, adds tools to enable doctors to consult their peers on tricky cases, new technology and best practices.  More
Ottawa Hospital's CIO explains his iPad program February 7, 2012 | Dale Potter While hospital executives decide whether to allow physicians to bring in their own mobile devices or set restrictions, Ottawa Hospital CIO Dale Potter explains how he decided to equip his staff with iPads.  More
ONC seeks good practices for mobile device privacy and security January 25, 2012 | Eric Wicklund As part of the government's mHealth Initiative, federal officials have launched a project to identify the best ways to protect health information while using mobile devices.  More
Despite backlash, SOPA, PIPA give healthcare execs something to think about January 24, 2012 | Eric Wicklund The controversial Internet piracy bills may be doomed to defeat in Washington, but their impact shouldn't be overlooked in mobile healthcare circles.  More
Mobile tools help physicians, patients track medication adherence January 23, 2012 | Eric Wicklund Companies like SentiCare, Covectra and Sproxil are using mHealth solutions to identify counterfeit drugs, track medication use at home and provide a real-time link to physicians that can help improve adherence and curb drug abuse.  More
Mobile healthcare figures prominently in ID Experts' 2012 PHI security predictions January 5, 2012 | Eric Wicklund The Oregon-based provider of data security solutions says healthcare providers will face an "epidemic" of data breach issues if they don't pay attention to how personal health information is treated.  More
Healthline ranks its top 10 mobile, online health searches in 2011 December 29, 2011 | Eric Wicklund The San Francisco-based health information provider says people used mobile devices to search for information on sensitive topics, like sexually transmitted diseases and mental health issues.  More
Sebelius, Topol kick off mHealth Summit with a nod to the smartphone December 6, 2011 | Eric Wicklund Health and Human Services Secretary Kathleen Sebelius and West Wireless Health Institute Vice Chairman Eric Topol took to the stage for opening keynotes Monday at the mHealth Summit, and each said the future of healthcare remains tied to mobile technology.  More
Five reasons why digital health technologies need FDA oversight February 15, 2012 | David Lee Scher, MD A draft proposal of the FDA guidelines for regulating mobile medical applications was released in July, 2011. In response, the mHealth Regulatory Coalition sent detailed comments on the proposal.  More
Identifying the challenges and opportunities in mobility February 15, 2012 | Rob Shaughnessy Over the last six months I've had the pleasure of talking to many professionals leading mobile initiatives – from global telecommunications companies concerned with the impact mobile computing is having on their infrastructures to small companies looking to leverage the hundreds of thousands of mobile applications available from the many public and private app stores. From the largest to the smallest, there are very common themes in the challenges being faced.  More
Employee makes fun of patient on Facebook January 5, 2012 | Christina Thielst When will our employees learn not to identify patients on Facebook or any other social media site?  More
Mobile-enabled, HIPAA-compliant December 23, 2011 | Sanjay Pingle There's no question that mobile apps have the potential to improve patient care.  More
Joint Commission Statement on Texting Physician Orders December 1, 2011 | Christina Thielst The Joint Commission has a new statement on texting orders and I agree that just picking up your phone and texting in your next order is a rather risky activity.  More
Of mobile apps and liability issues May 2, 2011 | John Farrell With Pricewaterhouse Coopers' Health Research Institute estimating the annual consumer market for mobile monitoring devices is somewhere between $7.7 billion and $34 billion per year, it's not surprising that the marketplace would find itself chock full of apps directly targeting consumers, above and beyond those developed and marketed to healthcare professionals. But with technology clearly outpacing our regulatory bodies, how much attention is being paid to the accompanying liability issues  More
Clarifying HIPAA data privacy, security standards March 10, 2011 | John Farrell Is anyone else wondering how URAC's recent revision of HIPAA privacy and security standards might affect the healthcare marketplace The nonprofit accreditation organization-which based its revisions on provisions set forth in the HITECH Act-has extended all of the privacy and security standards to include "business associates" of covered healthcare organizations. It's also edited the standards to clarify their intent, adding seven new standards in the process.  More
Addressing mobile security in healthcare March 8, 2011 | John Farrell Just before HIMSS11, I was speaking with a number of hospital CIOs regarding information security in healthcare. One of the key concerns I kept hearing about had to do with securing mobile devices, so I thought it timely that AirWatch's latest release--AirWatch 5.13--aims to speed and secure mobile device deployments through its enhanced Public Key Infrastructure (PKI) integration and certificate management framework.  More
Hospital data breaches continue to pile up February 18, 2011 | John Farrell A timely reminder just as health IT professionals head off to HIMSS11: compromised PHI is still a headline grabber. Just days after learning the confidential personal health data of roughly 1.7 million New York City patients, staff members and others affiliated with four Bronx hospitals was stolen in December, the West Virginia Attorney General's Office has acknowledged that the personal information of 3,655 patients at the Charleston Area Medical Center (CAMC) was placed onto a publicly available Web site.  More
Doc: Securing mobile health data begins with device users February 2, 2011 | John Farrell If the upside of mHealth is mobility, then the downside would have to be security. Smaller, more plentiful devices ultimately spell greater risk and, while we're not about to ditch our mobiles, there are some basic considerations healthcare professionals should weigh heavily in the weeks leading up to adoption.  More
More slip-ups with patient data January 3, 2011 | John Farrell Last month, we learned that at least eight U.S. Department of Veterans Affairs facilities were found in recent months to be violating the department's prohibition against using online tools like Google Docs to share private health information among facilities. In fact, the latest VA incident report underscored the department's shortcomings in safeguarding the personal information of 878 patients. Now, Danville, Pa.-based Geisinger Health System has acknowledged that some protected health information (PHI) of roughly 2,928 patients was recently disclosed in an unauthorized manner.  More
Verizon to gain HIT ground with patient data security push December 9, 2010 | John Farrell Verizon's efforts to gain traction in the health IT space may get a boost from its plan to kick off the New Year by issuing free medical identity credentials to physicians, physician assistants and nurse practitioners. Consider it a shot in the arm for patient data security.  More
mHealth Summit 2011 - Super Session 4: Global Policy and Regulatory Perspectives of mHealth January 19, 2012 | Foundation for NIH mHealth Summit 2011 - Super Session 4: Global Policy and Regulatory Perspectives of mHealth  More
Security of Mobile Computing Devices in the Healthcare Environment January 5, 2012 | mHIMSS The focus and goal of this paper is to provide an information resource about mobile computing device security to healthcare information technology leaders. This is not meant to be a blueprint for how an organization should deploy mobile computing devices; instead it provides the necessary groundwork for the organization to take the steps to formally define policies, procedures and processes.  More
2011 mHIMSS Mobile Technology Survey December 5, 2011 | mHIMSS This study provides information on a multitude of aspects related to mobile and wireless technology in health care organizations including general use of mobile technology, access to patient data, means for securing information, and the benefits and barriers to use.  More
Toward an mHealth Ecosystem: Extending Access, Remote Connectivity and Engagement January 9, 2012 | mHIMSS According to the CDC and NIH, over 50 percent of the factors related to personal health can be traced to lifestyle choices, while only 10 percent is related to the medical care system. This finding illustrates a stark truth: the US healthcare system in its current incarnation, a system of facility based, episodic care, is insufficient to the task of improving population health.  More
Enabling Collaborative Healthcare Delivery: Care Coordination Strategies with 21st Century Technology December 15, 2011 | mHIMSS This paper, based on a roundtable session featuring John Mattison of Kaiser Permanente, identifies the building blocks of care coordination and the innovative technologies being deployed to support continuity of care by visionary health systems and the healthcare IT vendor community.  More
Where Information and Care Meet: Secure Mobile Healthcare Solutions that Drive Care Coordination December 15, 2011 | mHIMSS This paper, based on a roundtable session featuring Liz Johnson of Tenet Healthcare Corp., examines how leading hospitals and health systems in the country are implementing mobile point of care, sharing best practices and lessons learned, to deliver real-time, high-quality care anywhere.  More
The Healthcare IT Innovation Imperative: Harnessing the Power of Technology for 21st Century Care Models December 15, 2011 | mHIMSS This paper, based on a roundtable session moderated by Eric Dishman, highlights how the private and public sectors in the U.S. and Europe are unleashing the power of data in innovative ways to improve the quality of care while making the system more efficient and cost-effective.  More
A Privacy Framework for Mobile Health and Home-Care Systems December 7, 2011 | mHIMSS In this paper, we consider the challenge of preserving patient privacy in the context of mobile healthcare and home-care systems, that is, the use of mobile computing and communications technologies in the delivery of healthcare or the provision of at-home medical care and assisted living.  More
Unique Challenges of Health Care Networks and the Value of Wireless November 29, 2011 | mHIMSS Medical applications are among the most demanding users of network capacity, real-time performance, mission-critical reliability, and data security. Hospitals and medical centers are accelerating the pace of accessing and storing patient records via EMRs. Considering that data centers storing these records are often not connected to the main hospital, or medical office building, all this adds up to an explosion of information straining existing network infrastructure.  More
Providing Wireless Technology for Healthcare Transformation November 29, 2011 | mHIMSS The U.S. healthcare industry is undergoing a game-changing transformation in the way it delivers care. The “meaningful use” requirements under the HITECH Act, the new payment and delivery reform model under the PPACA and the consumer movement are all converging to help create a system that improves the quality of care and clinical outcomes, drives workflow efficiencies, and reduces and manages cost. Forward-thinking healthcare providers, payers and suppliers are taking up the challenge and looking to health IT to enable the new delivery system. Healthcare stakeholders are embracing mobility technology as a viable solution.  More
Healthcare Information at Risk: The Consumerization of Mobile Devices November 22, 2011 | mHIMSS The consumerization of mobile devices, also known as bring your own device, (BYOD) is a major trent affecting healthcare. This invobvles healthcare workers using personal mobile devices, such as smart phones and tablets, to access applications that enable them to deliver care whenever and wherever it is needed.  More
Mobile Devices Everywhere: Healthcare Organizations Need Innovative Technology to Manage & Secure Mobility November 17, 2011 | mHIMSS For many years — generations, in fact, healthcare leaders have been asking for the increased use of information technology in their facilities, especially at the point of care. The problem: The inevitable resistance to change.  More
Department of Veterans Affairs Medical Device Isolation Architecture Guide V2.0 November 17, 2011 | mHIMSS The purpose of this document is to provide a standard process for isolating and securing networked medical devices using a protected Virtual Local Area Network (VLAN) structure. This document’s target audience includes VA OI&T Network staff, OI&T Information Security Officers ISO, and Biomedical Engineers.  More
Txt4Health: Using Mobile Health Technology in the New Orleans Beacon Community February 15, 2012 | Anjum Khurshid PhD, MBBS (MD), MPAff The New Orleans Beacon Community is currently using Txt4Health approaches to reduce healthcare costs, improve population health, and enhance patient experiences when engaging in healthy practices. This program assists individuals with diabetes through SMS texting to educate and improve patients dealing with chronic disease.  More
Secure 2-Way Messaging Program Improves Care, Appointment Attendance February 7, 2012 | mHIMSS The Army’s mCare program targets soldiers serving in the Community Based Warrior in Transition Units (CBWTU) program, which enables those with mild traumatic brain injuries (mTBI) and other wounds to receive medical care and perform military support missions as they heal. A HIPAA-compliant, two-way messaging application based on Diversinet’s MobiSecure® platform was proven during a one-year pilot program, continued and expanded under a five-year contract. mCare addresses the challenges of providing secure case management for geographically dispersed patients who require varied interdisciplinary treatments and use diverse mobile devices.  More
Secure the Right Wireless Tools at the PoC February 6, 2012 | mHIMSS Highly sophisticated Point of Care solutions and mobile wireless devices are transforming the way medicine is delivered and revolutionizing patient-caregiver interaction. But this puts additional pressure on hospital IT professionals. They must ensure secure remote access to networks while safeguarding against data corruption, theft and other threats. Join CDW Healthcare and HIMSS to learn about the steps to support the latest mobile wireless devices.  More
Mobility for Healthcare: The Choices and Challenges February 6, 2012 | mHIMSS Mobility in health care has been much hyped, but the industry is still underestimating its value to enable business process management. This webinar looks at the degree of expectation and adoption of mobile computing as well as the challenges of rapidly advancing technology and the difficult issues of security and management.  More
Wireless/Wired Networks Purpose Built for Clinical Workflows February 3, 2012 | mHIMSS Perceived success for EMR initiatives depends on your clinician’s user experience. This webinar will focus on wired/wireless networking best practices from Western Maryland Health System and Memorial Health Systems of East Texas to implement a purpose built network supporting healthcare clinical workflows and guaranteeing SLAs for consistent and secure access to clinical applications.  More
Securely Manage Mobile Medical Devices January 16, 2012 | mHIMSS This Webinar will focus on today’s best practices for full lifecycle mobile management: • Rapidly creating, deploying and managing mobile medical apps • Empowering healthcare IT to proactively secure all mobile devices with continuous monitoring of policy compliance and proactive auto-remediation of violations with full audit trail • Simplifying remote support and ensuring best end user experience with highest quality mobile service levels  More
Securely Manage Mobile Medical Devices & Apps: A Healthcare IT Network How To Guide November 21, 2011 | mHIMSS Healthcare IT needs an automated framework for secure device provisioning, app development and deployment, compliance monitoring, ongoing support, change management and retirement. Ideally the same systems would also provide "reasonable safeguards" for the protection of ePHI sent, received or stored by a mobile device in accord with HIPAA guidelines. This Webinar will focus on today's best practices for full lifecycle mobile management.  More
iPhones, iPads and HIPAA Compliance: A How To Guide November 17, 2011 | mHIMSS Devices like the iPhone and iPad are becoming incredibly popular with doctors and other healthcare professionals. But whether they are hospital issued -- or owned by the worker -- IT must ensure that Electronic Protected Health Information (ePHI) that is stored, accessed, transmitted or received by a mobile device is secured and protected in accordance with HIPAA guidelines.  More
Ubiquitous Wireless Enables All-Private Room Critical Care Hospital November 16, 2011 | mHIMSS This webinar will focus on VCUHS' (Virginia Commonwealth University Health System) new 275-bed all private room critical care hospital and how a unified wireless infrastructure provides caregivers a virtual link for everything from remote communication of bedside alarms to physician access to the EHR.  More
Healthier Wi-Fi for Hospitals November 16, 2011 | mHIMSS With so many new high-powered handheld devices hitting the market and new medical applications utilizing wireless within the healthcare industry,Wi-Fi is no longer a considered a technology of convenience but expected to be a reliable and ubiquitous medium.  More
Secure & Manage Enterprise iPads at the Point of Care November 16, 2011 | mHIMSS Spot checks of hospital and health care IT staff validate that the iPad and other tablet devices are set to become the preferred data collection and access tool for doctors, nurses and clinicians to more accurately treat patients at the point of care.  More
Avoiding Violations:HIPAA, HITECH and Social Media February 7, 2012 | mHIMSS Jessic Soulliere, social media communications coordinator, explores the impacts of social media as it relates to HIPAA regulations and how to address these risks.  More
Video Presentations from The 2011 mHealth Summit, December 5 - 7 2011 January 18, 2012 | mHIMSS This webpage hosts all of the video presentations from the The 2011 mHealth Summit, December 5 - 7 2011.  More
How to Achieve 24 x7 Healthcare IT Security November 22, 2011 | mHIMSS Imagine sitting halfway around the world and checking a patient's medical records remotely, and securely, without worrying about compromising sensitive data. Possible? It's happening today with some of the country's leading healthcare providers because of advancements in data encryption, cloud computing and wireless mobility. Meet Alex Romillo, Chief Information Officer at Health Choice Networks. He oversees network security for 37 medical centers in eight states.  More
Expanding Broadband for Healthcare November 17, 2011 | mHIMSS A Presentation to the HIMSS Ambulatory Roundtable by Kerry McDermott, Director, Healthcare, Federal Communications Commission  More
Definitions of mHealth January 5, 2012 | mHIMSS A collection of mHealth definitions from key healthcare organizations.  More
Mobile Device Functionality: Mobile OS Comparison Matrix February 11, 2012 | Todd MacCallum The first in a series of reports, author Todd MacCallum provides an overview of mobile device operating systems. Covered in the comparisons are topics such as active directory integration, data encryption, and support for virtual applications.  More
Glossary of Terms February 6, 2012 | mHIMSS   More
mHealth: FROM SMART PHONES TO SMART SYSTEMS January 31, 2012 | mHIMSS Click on the book cover to preview a chapter from the new book mHealth: FROM SMART PHONES TO SMART SYSTEMS  More
Mobile Enterprise: Wireless Solutions from the C-Suite to the Field, (mobileenterprise.edgl.com) November 23, 2011 | mHIMSS Wireless and Mobile whitepaper library  More
Manufacturer Disclosure Statement for Medical Device Security; Joint HIMSS/NEMA standard form November 22, 2011 | mHIMSS Consists of the MDS2 form and instructions for completing it. Assists professionals responsible for security-risk assessment in the management of medical device security issues. The information on the MDS2 form is not intended, and may be inappropriate for, other purposes.  More
FDA Regulation of mobile health November 17, 2011 | mHIMSS It can come as a bit of a shock to people in the consumer electronics, IT and telecommunications industries that FDA might regulate certain equipment like cell phones that companies are planning to put at the center of connected health services.  More