Mobile Devices, Healthcare, And HIPAA — Securing Mobile Patient Information Under HIPAA

Recorded Webinar | Jim Sheldon Dean | From: Nov 12, 2019 - To: Dec 31, 2019

This session will review the requirements and current issues pertaining to mobile devices and present ways for the attendees to consider how to communicate between professionals as well as meet patient desires and stay within the regulations, including processes for managing portable devices, policies needed for ensuring secure communications and storage where needed, and procedures for meeting and documenting patient requests. Recent guidance from the National Institute of Standards and Technology on the use of mobile technologies with EHR data will be discussed and practical ways of using mobile devices securely will be presented.

You will be able to understand what the different types of communication are and how they must be considered to meet HIPAA requirements for privacy and security. You will be able to evaluate how your office communications take place and what can be done to ensure that those communications do not take place insecurely whenever patient information is involved. You will have recommendations for policy content that is applicable for mobile devices, as well as relating to patient communications. You will know how to establish the processes that are necessary to ensure security and patient rights, and avoid compliance violations.

Once patient information is involved, the devices used by a provider or their staff must be properly secured through the use of good passcodes and encryption with remote wiping of data if lost or stolen, and if you allow staff to use their own devices for business work, what happens when they trade in their old phone when the new one comes out?

If you communicate with patients using portable devices, you need to consider the issues of privacy and security, as well as those of triaging incoming communications and documenting conversations. Just plain texting is not readily adaptable to the requirements of patient care and documentation, but secure, appropriate solutions are available.

Finally, we will discuss the enforcement of HIPAA rules and how they relate to mobile devices, the issues that can lead to enforcement, and the impacts of enforcement actions, including monetary settlements and corrective action plans.

What you'll learn?

  • NIST guidance on using mobile technology with EHR data is presented
  • Policies and procedures for managing and auditing the use of mobile devices are explained, including the use of insecure communications made at the request of patients
  • Regulatory requirements are explained, as well as, typical communication situations, and the appropriate means of communicating according to the regulations
  • The information security issues related to communications and the risks associated with insecure communications are presented, so you can know how to explain the risks of insecure communications to staff, and to patients who request insecure communications
  • There is an explanation of technologies that can provide such encryption and security, to help you know when secure communications are required and what must be done to secure communications and devices
  • Learn about the training and education that must take place and be documented to ensure your staff uses portable health information properly and does not risk exposure of PHI

Why should you attend?

The session will explain the HIPAA regulations that apply to the use of portable devices, both as tools for staff to use, and as a means of communication with patients. Proper use of portable devices requires consideration of a variety of purposes: for personal use, for business use not involving any identifiable patient information, for business use that does involve identifiable patient information, and for communications with patients. Each type of use requires careful consideration of the rules and the risks to the confidentiality, integrity, and availability of information.

For business users with no patient information, the constraints are few, so long as you are sure there is no patient information involved with those uses. But if you include any patient information, you need to ensure the information is protected. Even so, patients are allowed to ask to communicate with you in any way you can reasonably handle. Just what is reasonable and what is allowed according to guidance from HHS is discussed.

Who should attend?

  • Compliance Manager
  • HIPAA Privacy Officer
  • HIPAA Security Officer
  • CEO
  • Office Manager
  • HR Director
  • Privacy Officer
  • CIO
  • Records Release Manager
  • HIM Manager
  • Counsel

Choose Your Options

Error Conference Exists In Wish-list.

Congrats Conference Added In Wish-list.

Instant Download
Recorded Session
Recorded Session & DVD
Recorded & E-book (Pdf)
DVD & E-book (Pdf)

* Or more for 6+ attendess call us at 1-800-808-2178 or mail us at

* For Cheque and ACH payment call us at 1-800-808-2178 or mail us at

* Click Here to download our Order Form


Need help? Call Our Support Team at +1-800-808-2178 /