Mobile devices and HIPAA/Meaningful Use


So here we are, several years into the federal regulations and you want to use your ipad or your iphone or any other mobile consumer device to access your EHR.

If you are a small provider you are probably at the mercy of your EHR vendor. If you are part of a group that has their own big IT staff you might be at the mercy of your Chief Security Officer or even your IT staff. So what can you do?

- Use a device that is likely to be supported. That means either an Apple/IOS device (iPhone/iPad) or a device that uses a recent version of Android, I would recommend 2.3 or later.
- Find out which devices your software actually supports. That could narrow the choices significantly. If your vendor or IT department says they only support one device or class of devices, then guess what - that is your choice.

The good news in all of this is that all of the newly trained and currently training medical professionals are completely tied to their devices, so the pressure will certainly be on the vendors and IT departments to give mobile access.

On the other side the coin you have the security problem. The vendors need to make sure that any ePHI on the device is encrypted and it would be advisable to have a way to wipe it automatically should it get lost.

From a cost standpoint, having doctors bring their own devices into the office certainly can save a lot of money, so CFOs are likely to like like that.

What does it mean althogether? It means there will be a balancing act for a while, but you can expect that most major mobile devices will be supported before long, once all of the security concerns are addressed.