These slides are the talking points for a 15-minute presentation I delivered as part of a Data Privacy Day panel at Cumberland School of Law, Samford University. The event was titled: "Is My Phone Spying On Me?"
9. HIPAA & Data Breaches
HHS database on security breaches involving EHR:
“in the past two years, … 116 data breaches of 500 records or more were the direct result of the loss or theft of a mobile device and led to the exposure of the personal health information of 1.9 million patients.”
Keep in mind that “mobile devices” included laptops, not just smartphones and tablets.
Source: Article on govhealthit.com (July 20, 2011) interview with Health IT Security professionals.
10. HIPAA Applies To:
Healthcare Providers
Doctors
Hospitals & Similar Providers
Pharmacies
Medical Insurance Companies & Similar Third-Party Payors
Ancillary Administrative Service Providers
Outsourced Coding, Transcription, Billing, Accounting, IT providers
11. HIPAA & Mobile Apps
If the user is a healthcare provider or other covered party, then HIPAA will apply.
If the app is developed for consumer use, then HIPAA doesn’t apply.
See: http://mobihealthnews.com/11261/when-hipaa-applies-to-mobile-applications/
12. Consumers & Mobile Privacy
Scenarios
Consumer downloads a mobile app that mines personal health data
Smartphone stolen from consumer who has activated mobile access to PHI with healthcare or health insurance provider
Remote wipe not enabled
Data mining by non-health apps of data logged when using health apps
13. Contact Me
tmartin@samford.edu
http://www.benfranklinfollies.com
LinkedIn: http://www.linkedin.com/in/shereem