Smartphone Policy for Health Care Providers

Healthcare Training Resource
September 12, 2012 — 2,017 views  
Become a Bronze Member for monthly eNewsletter, articles, and white papers.

In recent years, health care professionals have outpaced the general public in adopting smartphone technology. Roughly four out of five doctors use such devices, according to Jackson & Coker. Smartphones offer convenient ways to obtain medical information and communicate with patients. However, they also put confidential data at risk.

Many doctors and nurses do not recognize the serious threat posed by smartphone viruses and hackers. Some common applications automatically collect private photos and contact information from smartphones, according to the American Society of Plastic Surgeons. This can result in the violation of HITECH and HIPAA regulations.

Theft also puts patient data at risk. The American Medical Association reports that stolen and misplaced smartphones have helped to increase the number of data breaches in recent years. If someone steals or loses a doctor's smartphone, the medical facility may remotely clear its data. However, the phone's owner must give permission beforehand.

Smartphones feature built-in cameras and microphones that enable staff, visitors and hackers to violate privacy laws. The AMA warns that citizens may report facilities to the Department of Health and Human Services if anyone takes unauthorized pictures of patients or their medical files. DHHS officials may decide to conduct an investigation.

A range of security measures can be taken to protect confidential data. One option is to restrict the software that employees may download. With thousands of health-related smartphone apps available, there is a major risk that staff members will download unsafe software. Although they often cost more, it's possible to find secure applications.

Some health care providers do not allow employees to store sensitive data on smartphones. Instead, they encrypt the information and transmit it to a fully secured server. Although this does not eliminate all security risks, it limits the ability of thieves and hackers to access confidential data. It also prevents staff members from misusing the information.

Another option is to prohibit employees from bringing personal smartphones to work. If a health care provider chooses to supply staff with phones, it will be able to impose security measures more effectively. Staff members may accept such policies when they learn about smartphone security hazards and the potential repercussions.

Hospitals, clinics and medical centers need to develop clear smartphone policies and identify specific consequences for violators. Prohibiting smartphone photography or restricting software downloads may seem autocratic, but these steps can protect medical facilities from large fines, lawsuits and negative publicity.

Healthcare Training Resource