Mobile Device Privacy and Security Good Practices for Health Information

Joy Pritts | March 15, 2012

Recent surveys and research show that the health care sector is rapidly adopting mobile technology, and it’s only expected to have more significant uptake in the future. This isn’t surprising. Laptops, tablets, and smart phones are fast and convenient means of communicating all sorts of data including health information.

Unfortunately, polls also show that mobile device security  has not kept pace with adoption. In fact, there have been a number of security incidents related to the use of mobile devices that are used to access, store, or exchange health information. Given the rapid adoption of mobile devices against the backdrop of the breach incidents reported, there’s been a growing concern about the use of these devices in the health field because of their vulnerability.

Mobile Device Privacy and Security Good Practices

Recognizing this evolving issue, ONC’s Office of the Chief Privacy Officer (OCPO) along with the Office for Civil Rights (OCR) recently launched a project designed to identify mobile device privacy and security good practices. The project is intended to build on the previously released Health and Human Services’ HIPAA Security Rule – Remote Use Guidance.

To kick off the discussion on this important topic, OCPO and OCR are co-hosting a free, public Mobile Devices Roundtable on securing and protecting health information while using mobile devices such as laptops, tablet computers, PDAs, and smart phones.


Upcoming Mobile Devices Roundtable: You Can Participate

The Mobile Devices Roundtable will be held on March 16, 2012 at the Hubert H. Humphrey Building in Washington, D.C. and via Webcast. It will feature three panels comprised of federal agency representatives, providers, and members of research, provider and industry organizations. The event will include interaction between the panelists and the audience. Questions from the audience will be accepted in-person, through email, and via Twitter.

The purpose of the Roundtable is to gather public, industry, and subject matter experts together to:

  • Summarize the current federal privacy and security legal framework for mobile devices accessing, storing and/or transmitting health information;
  • Discuss real world usage of mobile devices by providers and other health care delivery professionals in order to understand their expectations, attitudes, challenges and needs;
  • Gather input regarding the information (and format) providers and other health care delivery professionals want and need to help them safeguard health information on their mobile devices; and
  • Gather input on existing and emerging mobile device privacy and security good practices, and strategies and technologies for safeguarding data on mobile devices.

Register for the Roundtable and Learn About Mobile Device Privacy and Security Good Practices

Be sure to register for the free Roundtable event to join either in-person, by audio, or via Webcast. Registration can be completed at


How to Submit Comments and Questions

You can also submit comments and questions on our website.

We look forward to partnering with you to safeguard health information across mobile devices. Please share with us your challenges, successes, and ideas.

Together, we can build a culture where privacy and security are respected and valued to inspire confidence and trust in health IT and electronic health information exchange by protecting the confidentiality, integrity, and availability of health information.