Brian Jackson - Fotolia
When Dan Bowden, chief information security officer at the University of Utah and University of Utah Health Care, surveys his data networks, the mobile health security of devices and apps is his top priority.
In this podcast, Bowden recommends that IT professionals at other healthcare providers perform risk assessments and educate the entire organization about the inherent security risks associated with various IT systems so they're able to weigh those risks with the benefits.
Malware, persistent attacks on healthcare networks and zero-day attacks are becoming commonplace, so a well-orchestrated mobile data management system and strong encryption are needed to oversee the mobile health security of bring your own devices attached to these networks, Bowden said.
At the same time, patients are seeking more access to their data and providers want to be able to share that data. In order for this to be possible, though, users and patients need to have confidence in the security of protected health information, he said.
"They need to believe in what we're doing … that we're taking all the measures we can to protect this," Bowden stressed.
Bowden said his security approach relies on the overall organization's adoption of system-wide rules on data governance, prevention, detection and incident response.
HIPAA risk assessment app released by HHS
Encryption and employee education, are pieces of a mobile security plan
Mobile health security important for radiologists