With user privacy concerns rampant across the mobile and social landscapes today, it comes as little surprise that many individuals remain worried about the potential for privacy and security breaches in the application of technology in modern healthcare.

In a recently published interview about factors that constrain the growth of mHealth today, attorney Erin McAlpin Eiselein admits that a lost or stolen phone still remains the biggest threat to patients who store sensitive personal or medial data on their mobile devices.

Read the full story

The University of Kansas School of Medicine out of Wichita conducted an interesting study recently that asked physicians at pediatric hospitals what form of communication they prefer for “brief communication” while on the job.

Out of 106 physicians polled, 27 percent named texting their preferred method, compared to 23 percent that favored hospital-issued pagers and 21 percent that said face-to-face conversation.  Among the survey pool, 57 percent reported sending or receiving work-related text messages.  “We are using text messaging more and more to communicate with other physicians, residents and even to transfer a patient to a different unit,” lead investigator Dr. Stephanie Kuhlmann said in an AAP press release.  “The way that physicians are communicating appears to be shifting away from the traditional pager method.  Personally, I probably get 50 to 100 text messages during a shift,” she added.”

Read the full story

With a lot of ambiguity surrounding how SMS can be properly implemented in healthcare messaging, the folks at mHIMSS have produced an excellent quick-reference guide that covers five frequently asked questions regarding the use of SMS in healthcare.

Covering everything from the technology needed to deploy SMS, to the many regulatory standards associated with SMS and the use of Short Codes, and even including “Personal Health Information (PHI)” within text messages, the doc provides an excellent reference point to those seeking more information on SMS in healthcare.

Read the full story

The Department of Health and Human Services (HHS) have published a new proposed rule for Stage 2 Meaningful Use that would stipulate that mobile devices that retain patient data after a clinical encounter — such as laptops, smartphones and tablets — have default encryption enabled.

Many of the recent high-profile data breaches involving sensitive health information had to do with lost or stolen mobile devices, which has brought device security and proper encryption into the spotlight.  ”We agree that this is an area of security that appears to need specific focus,” the NPRM for Stage 2 Meaningful Use states.  “Recent HHS analysis of reported breaches indicates that almost 40% of large breaches involve lost or stolen devices.  Had these devices been encrypted, their data would have been secured.”

Read the full story

ID Experts, a Portland-based provider of data breach solutions, has published a new report entitled “Top 11 Trends for 2012 in Healthcare Data,” with many of which relating to mobile access to healthcare information and the security risks involved.

Before looking ahead to 2012, ID Experts offered their summary of the last 12 months by saying “2011 was the year when most physicians had mobile devices, when healthcare became one of the most-breached industries, and the Department of Health and Human Services Office for Civil Rights (OCR) cracked the whip with investigations and multi-million-dollar fines for organizations that didn’t meet their patient privacy obligations.”

Read the full story

Yesterday we covered a new report and survey sponsored recently from data security consulting firm ID Experts that details the growing trend of healthcare data breaches and security threats, despite improvements in policy management and training at healthcare organizations.

Today, new data was released showing data breaches are actually up 32 percent over last year.  For the study, senior personnel at 72 health care organizations in the administration, clinical, compliance, financial, privacy and security departments were interviewed, and found the three leading causes of increased breaches relate to lost or stolen equipment, errors by third parties and employee mistakes.  In fact, mistakes by employees have led to many data breach increases according to 41 percent of respondents.

Read the full story

A new survey out recently by data breach and remediation firm ID Experts shows that while policies and training at healthcare organizations have improved, health data is still no better protected than it was a year ago.

In fact, the survey found that the frequency of breaches has actually increased over the past year, along with rising incidents of identity theft and poor control over mobile devices.  In addition, two-thirds of organizations surveyed don’t provide protection services to breach victims.  There may be a reason for this trend, however, as electronic health record adoption and migration to mobile computing devices inherently leads to increased security risks and breaches.

Based on interviews with about 300 officials at 72 provider organizations, mostly hospitals, the rate of breach reporting has actually improved, which could skew the actual increase in breaches.  Survey results also show that identity theft in health care is up 26 percent in a year, which is substantial considering the overall financial cost of compromised sensitive health information can be much higher than theft of financial data.