Brian Jackson - Fotolia

CISO feels strain to balance open data with mobile health security

In this podcast, Dan Bowden, CISO at University of Utah Healthcare, says mobile health security is a top concern and risk assessment is paramount.

When Dan Bowden, chief information security officer at the University of Utah and University of Utah Health Care, surveys his data networks, the mobile health security of devices and apps is his top priority.

In this podcast, Bowden recommends that IT professionals at other healthcare providers perform risk assessments and educate the entire organization about the inherent security risks associated with various IT systems so they're able to weigh those risks with the benefits.

Malware, persistent attacks on healthcare networks and zero-day attacks are becoming commonplace, so a well-orchestrated mobile data management system and strong encryption are needed to oversee the mobile health security of bring your own devices attached to these networks, Bowden said.

At the same time, patients are seeking more access to their data and providers want to be able to share that data. In order for this to be possible, though, users and patients need to have confidence in the security of protected health information, he said.

"They need to believe in what we're doing … that we're taking all the measures we can to protect this," Bowden stressed.

Bowden said his security approach relies on the overall organization's adoption of system-wide rules on data governance, prevention, detection and incident response.

Let us know what you think about the story or mobile health security; email Shaun Sutner, news and features writer, or contact @SSutner on Twitter.

Next Steps

HIPAA risk assessment app released by HHS

Encryption and employee education, are pieces of a mobile security plan

Mobile health security important for radiologists

Dig Deeper on Mobile health systems and devices