Healthcare Information Security

Mobile News

Mobile Security Essential Healthcare Provider Priority

A recent HIMSS Analytics survey said that while providers have an increased desire for data access, mobile security is still a key concern.

Mobile security key issue as providers implement new technologies.

Source: Thinkstock

By Elizabeth Snell

- Healthcare providers continue to implement smart phones and tablets into their daily operations, which further underlines the need for current BYOD policies and a strong focus on mobile security.

A recent HIMSS Analytics survey found that the use of mobile technology has become a staple for many providers, with tablets becoming a more common tool as a device to coordinate, support, and provide patient care.

“Regardless of being hospital provided or ‘bring your own device’ (BYOD), mobile technology has found a place in the clinical setting to help coordinate, support and provide patient care,” report authors stated in the 2017 Essentials Brief: Mobile. “While many organizations still rely heavily on desktop computers, tablets and smart phones have been incorporated into the clinician’s and non-clinician’s day to day routine.”

Researchers also noted that mobile security was the top hurdle for the continued increase in mobile technology. There were numerous healthcare cybersecurity attacks in 2016, and there has been no indication that this trend will disappear in 2017.

Nearly all respondents – 94 percent – said that they use desktop computers for accessing information to provide and coordinate patient care. Seventy-nine percent reported that they use tablets for accessing the data, while 42 percent said they use smart phones.

“Tablets have seen an increase in usage over smart phones most likely due to the larger screen, allowing more face to face interaction with patients, and easier to maintain/track within the department/organization,” researchers explained. “Additionally, with the complexities that may come with a bring your own device (BYOD) program, end users may not be willing to give up their personal device for work-related functions.”

Overall, mobile technology is primarily being used to gain access clinical and non-clinical information as well as getting access to their in-house EHR, the survey found.

Approximately three-quarters of respondents said they use smart phones or tablets for applications to access clinical information. Seventy-percent stated they use the devices for EHR access, while 66 percent said they use applications to access non-clinical information (i.e. educational resources).

“While consultations and texting are used by roughly 42 percent of respondents using smart phones and tablets, users indicated they would like to see additional texting capabilities (to patients), order entry, discharge planning, and medication administration scanning and documentation,” noted researchers.

Other research has shown that healthcare providers also have concerns with third party healthcare application privacy and security capabilities.

A Substitutable Medical Applications, Reusable Technology (SMART) Health IT study from earlier this year showed that approximately half of surveyed organizations have healthcare app privacy and security as a key worry, followed by app credibility, and the ongoing app maintenance.

“For years, healthcare providers have been adopting increasingly integrated healthcare IT (HIT) suites from a single vendor, but healthcare apps buck this trend, with many organizations looking to third-party vendors to supply niche solutions to improve organizational efficiency and patient care,” the report’s authors wrote. “The recent passage of the 21st Century Cures Act, which states that a year from now open APIs will be necessary for EHR system certification, is expected to drive further growth in the app ecosystem.”

A surveyed CMIO explained that there is a rigorous screening process to ensure healthcare app privacy and security.

There is a security review, a privacy review, and a legal review, the CMIO stated. An internal champion is also found, someone “who can look out for the effort and speak for it.”

“We obviously have concerns about security and privacy around PHI,” the CMIO said. “I don't know if there is anything novel about that, but we have a rigorous process that handles those things.”


SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
Data Breaches

Our privacy policy

no, thanks