
HIPAA Compliance-Hi

cheeto12

Newbie
Alright, odd question here but I hope somebody knows the answer because I don't want the Android OS to get left behind...

I work for an IT company that does computers for a lot of medical facilities. Recently the US Govt passed legislation that requires all computers/devices that contain HIPAA-related information (patient records and such) to be encrypted and have password protection. Basically, we had to encrypt the hard drives of all computers, laptops, and phones. If a user enters the wrong password multiple times, it locks out the hard drive (for computers) or wipes the device (for phones).

Currently, the only devices of which I am aware that are compliant are BlackBerries. Many of our users just got Android phones and have to trade them back in because they don't have a feature that is in compliance with this law.

Does anyone know of an app/program that would accomplish this? Android platform is so much more useful to our business than Blackberry, and I don't want to have to leave it behind.
 
My IT department just put me on an email service called Good. Good Technology. With this program my Droid works through an enterprise server similar to the BlackBerry. This allows them to erase all info from the phone if I lose it.
 
I'm gonna have to raise the "BS" flag... Names, phone numbers, addresses, even dates of birth are not protected under HIPAA.

Insurance info, Diagnosis and Treatment information, and conversations or notes between you and your doctor are.
 
Technically, HIPAA regulations define health information as "any information, whether oral or recorded in any form or medium" that...

"[i]s created or received by a health care provider, health plan, public health authority, employer, life insurer, school or university, or health care clearinghouse"; and

"[r]elates to the past, present, or future physical or mental health or condition of an individual; the provision of health care to an individual; or the past, present, or future payment for the provision of health care to an individual."


So basically...

  • Information your doctors, nurses, and other health care providers put in your medical record
  • Conversations your doctor has about your care or treatment with nurses and others
  • Information about you in your health insurer
 
If you get email on your phone, you can have patient information on it. If someone was to pick up your unlocked phone, they could fwd all sorts of fun stuff to wherever they wanted. The remote email wiping seems like it would get around this, but I don't know if it gets around the letter of the law.

As far as calling BS, bring it up with the thousands of laptops we've had to encrypt the hard drives on, even though all the data is stored on the network.
 
I've worked in IT in a very similar environment, except we had to worry about Sarbanes-Oxley too. Fun times.

BS or not... when the top of the chain decrees it so, it's so. Better to over-interpret the law than under, as they say. So if they say everything must be encrypted it's gotta be encrypted, "BS" or not.
 
OK, so what I've found so far:

Good Technologies
WaveSecure
iTag

They all claim to be able to wipe remotely, but only WaveSecure claims to lock a device, and it is also available across multiple platforms. Has anyone used this?
 
I have used WaveSecure for a couple of months now, and I'm very impressed. It does everything as advertised. I've remotely wiped my phone for sh*ts and giggles, used WaveSecure to lock my phone, and also used it to locate my phone.

I highly recommend this program.
 
Lookout is another free app. I haven't used it but it looks like it might be pretty good. They seem to have covered a number of other mobile platforms already.
 