Before reading how to make smartphones HIPAA compliant, it is important to first understand the risks that are associated with using smartphones to access and transmit electronic protected health information (ePHI) when the phone user is not complying with the HIPAA regulations.
Surveys have shown that more than 80 percent of medical professionals use a personal mobile device (smartphone, tablet, etc.) to access patient data or to send and receive messages containing ePHI; and security risks when communicating ePHI by smartphone exist when:
Furthermore, even though ePHI now has to be encrypted, copies of messages sent by “regular” SMS or email remain on routing servers while they are in transit, and they cannot be absolutely recalled or deleted to prevent a potential breach of ePHI.
With this in mind, the following information will be of value to healthcare organizations who wish to remain HIPAA compliant and avoid being responsible for ePHI being compromised – with the substantial financial penalties and civil legal action that would result.