Tech Standards for mHealth Revealed

guide for safeguarding medical data
The National Cybersecurity Center of Excellence (NCCoE) has released a mobile security guide which is specifically written for safeguarding medical information. The 82-page handbook offers healthcare organisations insights on how to improve mHealth cybersecurity via open-source or commercial tools. The guide currently in draft form is awaiting public comment.

"This guide can help providers protect critical patient information without getting in the way of delivering quality care," according to NCCoE Director Donna Dodson. The NCCoE was established in 2012 by the U.S. Commerce Department's National Institute of Standards and Technology (NIST), the federal agency charged with developing tech standards.

The step-by-step guide explains how healthcare providers can make mobile devices (eg, smartphones and tablets) more secure, in order to better protect patient information and still take advantage of advances in communications technology.

Data show that nearly 90 percent of healthcare providers are currently utilising mobile devices within their organisations.

"We know from working with them that healthcare organisations want to protect their clients' personal information and themselves from the high costs associated with breaches," Dodson notes. "This guide can be an important tool among the many they use to reduce risk."

Securing Electronic Records on Mobile Devices provides health IT professionals with "detailed architecture so that they can copy or recreate with different but similar technologies, the security characteristics of the guide," explain NIST officials. The guide also outlines NIST standards, best practices and other relevant regulations such as HIPAA.

NIST officials describe the new guidelines as including a "virtual environment that simulates interaction among mobile devices and an electronic health record system supported by the IT infrastructure of a medical organisation."

In addition to the how-to handbook, the new NIST guidelines include a 16-page manual on relevant mobile device standards and controls mapping, specifically written for the healthcare industry. For each related technology, for instance, say key management, there is a corresponding table of applicable standards and links to the standards.

The document delineates risk assessment and outcomes, based on the business workflow of a typical EHR user.

Comments on the draft guide can be sent to [email protected] by 25 September 2015. The draft document in five parts, a web form and a template for comments are available at:

Source: National Institute of Standards and Technology
Image credit:

«« 3D-printed Drug: Breakthrough in Precision Medicine

Algorithm Helps Predict Patients' Deadly Sepsis »»

Published on : Mon, 10 Aug 2015

Related Articles
research data on mhealth technology needed

The American Heart Association has issued a report highlighting the need for more evaluative studies on the effectiveness of mobile... Read more

methods for exchanging health data

Electronic exchange of health information amongst healthcare providers has important implications for patient safety and care... Read more

precision medicine: tailored treatments for patients

In his State of the Union Address this January, President Obama announced the Precision Medicine Initiative (PMI) that was launched... Read more

healthmanagement, mhealth, NIST, technology, EHR, mobile, smartphones The National Cybersecurity Center of Excellence (NCCoE) has released a mobile security guide which is specifically written for safeguarding medical information.

No comment

Please login to leave a comment...