Privacy and security realities hit David Collins hard.
Looking forward to cracking 1,000 Twitter followers at HIMSS13, the senior director of mHIMSS had 967 – until, that is, his account was compromised.
“I got hacked and I can’t get back in,” Collins said during the Preparing for an OCR Audit session here at HIMSS13. “I have to open a new account so I’m starting to take this personally.”
Collins’ own experience highlighted the lack of privacy and security policies and technologies in the new world of applications, healthcare and otherwise. An even bigger barrier, and one particular to health apps, Collins added, is a general lack of funding for investing in mHealth technologies.
“Here come the garage developers building solutions,” Collins explained. “They may not even understand healthcare.”
That wild west approach yields approximately 1,600 new mobile applications every day, Collins said, which makes it even more important for healthcare organizations to put policies in place around the use, privacy and security of mobile devices. According to HIMSS research, 68 percent of respondents have a policy in place, while 27 percent are currently creating one. And then there are the 4 percent who have no plans at all to adopt a policy alongside the 1 percent that don’t know and the 1 percent that falls into the “other” unexplained ether.
“Apps are the biggest opportunity,” Collins said, “and the biggest problem child right now.”
There’s evidence that may be starting to change in the form of mobile healthcare store Happtique, the Application Privacy, Protection and Security Act of 2013 aka The Apps Act, and the Locations Privacy Protection Act Minnesota Sen. Al Franken proposed in December 2012.
For healthcare organizations scrambling to sculpt BYOD policy in reaction to the organic growth of mobile devices and applications, those and other federal policy initiatives are arriving none too soon.
“The app economy is almost half a million jobs. That’s up from zero in 2007,” Collins said. That’s the upside; the downside is a lack of specialization. Those developers “see a new market and they’re developing products based on their skill sets.”
The divide between the entrepreneurial IT spirit and the realities of healthcare privacy and security requirements are two different worlds, indeed, but they are starting to come together.