As new technologies are evolving, healthcare industry has begun to move away from paper based processes and relying heavily on electronic information systems to conduct a host of clinical and administrative functions. While this definitely means that the medical workforce can be more mobile and efficient, but the rise in the adoption rate of these technologies does increase potential security risks to a significant level. HIPAA the Health Insurance Portability and Accountability Act, sets strict standards for protecting sensitive patient data. Any organization that deals with protected health information(PHI) must ensure that all the required physical, network and process security measures are in place and are being followed properly.

Major goal of the HIPAA security rule is to protect the privacy of individuals health information while allowing organizations to adopt new technologies to improve the quality and efficiency of patient care. If a healthcare application is going to send or share health data in any form, using any mode of communication to a physician, hospital or other covered entities it must be HIPAA compliant :

• Devices like phones, tablets, and wearables can be easily lost or stolen, meaning PHI could be easily compromised.

• Access to social media and email is easy by the devices involved in handling PHI making it easy for users to post sensitive information challenging HIPAA privacy laws.
• Not all users take advantage of the password protected screen lock feature, making data visible and prone to be accessed by unauthorized people

Thus, safety of healthcare information is crucial, especially when it can be accessed  from just about anywhere. Organizations must establish appropriate physical and technical safety measures to ensure the privacy of PHI. Focus should be on risk management across the whole of the organization and making use of healthcare solutions that are designed and developed to be HIPAA ready.