Mobile Devices: A Threat to HIPAA Security

Rey Palmares
December 14, 2018

Mobile devices have always been a controversial issue when it comes to PHI. This is predicted to grow more difficult in the ensuing years as US consumers are warming up to the idea of wearable devices that monitor their vitals. The Deloitte 2018 Healthcare Consumer Survey reveals that 60% of respondents are willing to make the transition to mobile devices for easier transaction. The apparent ease of access is however predicted to do more harm than good.


As technology continues to develop, information becomes more valuable. This has become a lucrative trade for hackers in the 21st century. While software companies have stemmed the tide of cyber crime through the use of encryption and other security countermeasures, hacking continues to be a real threat. This is especially true with portable devices which are unequipped with the hardware to deal with cyber attacks. Considering the more personal nature of these mobile devices, these are prime pickings for many hackers today.

Viruses and Malware

While largescale hacking catastrophes over the years have resulted in breaches in HIPAA Security, half of the data privacy violations are not the work of hackers.

Mobile devices are vulnerable to viruses and malware infection. While data harvesting and identity theft are genuine concerns, PHI can also be at risk from the inside-out. Ransomware can effectively incapacitate computers until a ‘ransom’ is paid while some trojans and worms can destroy decades worth of files from the inside-out. This is coupled with the fact that the larger majority of patients in the US are aging and may not be as familiar with the use of the technology involved.

Human Error

However, the larger contributor of HIPAA-related violations is actually the user himself. Research has discovered that theft by outsiders or unknown parties comprise of a third (32.5%) of these violations. These are in the form of mistake, neglect, or outright incompetence wherein the information is accidentally disclosed or lost.


Writing should be one part informative and one part entertaining. It's what differentiates a generic piece of text from a well-written article. Rey Palmares dedicates much of his time to fine-tune that craft, juggling the joys and frustrations of writing with those of his law school life outside of the office. He's making it work so far.