Security Recommendations for Mobile Health Apps

Expanded use of Electronic Health Records (EHRs) is an integral component of the ongoing modernization of the U.S. health care system through digitalization.  Among the anticipated advantages of using EHRs are improvements in patient care (e.g., through faster access to relevant information and consequently improved care coordination), increased patient engagement, as well as reduction of medical errors and cost savings. On the other hand, implementing EHRs in a sustainable and legally compliant way requires upfront investment in hardware, software, training, workflow restructuring, as well as management of risks unique to electronic records, such as vulnerability to malicious interference.  When EHRs are combined with mobile platforms, the cybersecurity risks multiply.  Addressing this latest challenge can be daunting, both for medical practices and EHR product providers.

To help defuse these concerns, the U.S. National Cybersecurity Center of Excellence (NCCoE) and the National Institute of Standards and Technology (NIST) recently published a comprehensive guide entitled “Securing Electronic Health Records on Mobile Devices.” 


Read more at: The National Law Review