Mobile devices can enable EHR access but still put info at risk

Mobile devices, such as laptops and smartphones, can enable clinicians to access electronic health records, but many still don't protect the information, despite the vulnerability of the electronic patient information and the many breaches that have been documented, warned panelists at the American Bar Association Health Law Section's 12th annual Washington Health Law Summit, held this week in the District of Columbia. For example, 90 percent of Americans use personal mobile devices for work, but 40 percent don't use passwords and 51 percent connect to unsecured wireless networks, according to attorney Rene Quashie, with Epstein Becker Green.

"This is particularly deadly for doctors," he warned. Meanwhile, according to Sarah Swank, an attorney with law firm Ober Kaler, some steps providers can take to better protect information in EHRs and on the devices include conducting a security risk analysis as required by HIPAA whenever there's a change in one's technology, such as adoption of a new EHR; determining if and how the device should link to the EHR; backing up patient information; and increasing workforce training. Conference information