NIST: How to secure patient records on smartphones, tablets

The National Institute of Standards and Technology at the U.S. Department of Commerce released a guide for securing patient information accessed on mobile devices.

The approach, developed by the National Cybersecurity Center of Excellence, aims to help healthcare organizations secure patient information as physicians, nurses and other caregivers increasingly use mobile devices to access patient information stored on an EHR system.

"If not protected, patient information collected, stored, processed and transmitted on mobile devices is especially vulnerable to attack," the report reads, noting these devices might not be equipped with comprehensive cybersecurity systems.

The guide recommends using various commercially available and open-source products to ensure mobile devices meet regulatory standards for data sharing, including HIPAA.

NIST stressed the products described in its guide may not be well-suited for every healthcare organization, although the guide could be used to inform their individual strategies.

"Your organization's information security experts should identify the products that will best integrate with its existing tools and IT system infrastructure," the report reads. "The organization can adopt this solution or one that adheres to these guidelines in whole, or you can use this guide as a starting point for tailoring and implementing parts of a solution."

To download NIST's report, click here.

More articles on cybersecurity:
OCR issuing fewer HIPAA penalties in 2018, report suggests
'Accidental disclosure' is the No. 1 way data breaches happen in healthcare, report finds
700K paper records breached in 2018 — More than half attributed to 1 break-in

© Copyright ASC COMMUNICATIONS 2021. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.


Featured Whitepapers

Featured Webinars