mobile privacy & personal health information

MOBILE DATA PRIVACY KEY POINTS FROM

SHEREE MARTIN, J.D., LL.M., PH.D.JANUARY 27, 2012

Cumberland School of Law, Data Privacy Day

My overview considers:

How Mobile Data Impacts PHI Privacy

Davanti Digital Media--

YouTube: http://youtu.be/SmB_lzXcgVE

PHI Privacy Can Be Compromised By

How?

Kaiser Permanente Launches….

Mobile apps for electronic medical records

9 million patients in the system

HIPAA & Data Breaches

HHS database on security breaches involving EHR:

“in the past two years, … 116 data breaches of 500 records or more were the direct result of the loss or theft of a mobile device and led to the exposure of the personal health information of 1.9 million patients.” Keep in mind that “mobile devices” included

laptops, not just smartphones, tablets

Source: Article on govhealthit.com (July 20, 2011) interview with Health IT Security professionals.

HIPAA Applies To:

Healthcare Providers Doctors, Hospitals & Similar Providers Pharmacies

Medical Insurance Companies & Similar Third-Party Payors

Ancillary Administrative Service Providers Outsourced Coding, Transcription, Billing,

Accounting, IT providers

HIPAA & Mobile Apps

If user is healthcare provider or other covered party, then HIPPA will apply.

If app is developed for consumer use, then HIPPA doesn’t apply.

See: http://mobihealthnews.com/11261/when-hipaa-applies-to-mobile-applications/

Consumers & Mobile Privacy Scenarios

Consumer downloads a mobile app that mines personal health data

Smartphone stolen from consumer who has activated mobile access to PHI with healthcare or health insurance provider Remote wipe not enabled

Data mining by non-health apps of data logged when using health apps

Contact Me

tmartin@samford.edu http://www.benfranklinfollies.com LinkedIn:

http://www.linkedin.com/in/shereem