The National Institute of Standards and Technology at the U.S. Department of Commerce released a guide for securing patient information accessed on mobile devices.
The approach, developed by the National Cybersecurity Center of Excellence, aims to help healthcare organizations secure patient information as physicians, nurses and other caregivers increasingly use mobile devices to access patient information stored on an EHR system.
"If not protected, patient information collected, stored, processed and transmitted on mobile devices is especially vulnerable to attack," the report reads, noting these devices might not be equipped with comprehensive cybersecurity systems.
The guide recommends using various commercially available and open-source products to ensure mobile devices meet regulatory standards for data sharing, including HIPAA.
NIST stressed the products described in its guide may not be well-suited for every healthcare organization, although the guide could be used to inform their individual strategies.
"Your organization's information security experts should identify the products that will best integrate with its existing tools and IT system infrastructure," the report reads. "The organization can adopt this solution or one that adheres to these guidelines in whole, or you can use this guide as a starting point for tailoring and implementing parts of a solution."
To download NIST's report, click here.