The pMD Blog

Welcome to the
pMD Blog...

where we cover interesting and relevant news, insights, events, and more related to the health care industry and pMD. Most importantly, this blog is a fun, engaging way to learn about developments in an ever-changing field that is heavily influenced by technology.

Apple’s most important iOS security update

As smartphone technology in the health care market becomes more innovative and cutting edge, its consumers have become increasingly more tech-savvy. There’s also more awareness that smartphone devices and software can be updated on an ongoing basis after purchase; however, the notion that devices should be updated is still largely under-adopted in the medical community. It’s common to hear the phrases, “I don’t like the way the new version looks,” “I don’t want to learn another new system,” or “I don’t have time for this.” These statements miss the mark on a key point in mobile software: some of the most important enhancements in updates go far beneath the visual surface and could be violating electronic health care laws.

Apple found 53 major security vulnerabilities in older iOS 6 and iOS 7 versions that the company has since patched in iOS 8, its most recent mobile operating system. Apple released iOS 8 on Sept. 17, 2014, and so far 78% of Apple mobile devices are using iOS 8. The remaining 22% of current users are still susceptible to these security vulnerabilities.

How does this affect the millions of health care professionals using their mobile devices for their work? Well for one, not keeping up-to-date software means they’ll miss out on the latest and most beneficial app features that could help with patient care and productivity. But more seriously, ‘update delinquents’ run the risk of being in violation with HIPAA Privacy and Security rules. Under HIPAA, Covered Entities are required to “implement policies and procedures to prevent, detect, contain, and correct security violations (45 CFR 164.308)” for electronic protected health information (ePHI). Furthermore, HIPAA Security and Privacy Rules require that all Covered Entities protect the ePHI that they use or disclose, and recommend, among other precautions such as encryption technology, installing and regularly updating virus-protection software on all portable or remote devices that access ePHI.

Without iOS 8, attackers could intercept user credentials and saved passwords on Safari, install unverified and malicious apps, access text messages and email attachments without authorization, or bypass the screen lock feature altogether, to name a few security vulnerabilities.

Below are five tips to protect and secure the electronic health information on your mobile device:

1. Keep your software up to date! Install security software for added protection.
2. Use a complex password or other user authentication on your home screen.
3. Install and activate remote wiping and/or remote disabling, like Find My iPhone.
4. Research mobile apps before downloading them.
5. Be cognizant of where you leave your mobile device.

Apple’s app submission rules now require that developers use the iOS 8 software kit for new and existing app updates. This means that if you’re running anything lower than iOS 8 on your Apple device after June 1, 2015, you won’t receive updates to your apps. Although Apple won’t remove any apps currently in the App Store, users running iOS 7 or lower won’t be able to download new features or “bug fix” updates. It’s a nudge in the right direction to get the remaining 25% of Apple users onto iOS 8. And for the population of medical professionals who access electronic health data from their mobile devices, including our charge capture and secure messaging users, there are no more excuses for running out-of-date versions. So, if you’re guilty of ignoring software updates or simply can’t remember the last time you updated your iPhone, it’s finally time to update your device to iOS 8 (and every other update thereafter!).
5G ACA Account Management ACI Advancing Care Information AHCA AHRQ AI Alternative Payment Model Android API Apple Artificial Intelligence Audit BCRA Best Place to Work Big Data bootcamp BPCI BPTW Bundled Payments Care Communities care coordination Care Navigation Care Team Career Fair CDC Charge Capture Charge Capture App Charge Capture Software Charge Capture Solution Charge Capture Statistics Charge Lag CHIP CIO Clinical Communication Clinical Data Registry Clinically integrated network CMS Communication Company Culture Conferences Connected Health Record culture custom reports Customer Interaction customer success customer support Customers cybersecurity Developer DHHS Dialysis discharge instructions EHR Electronic Charge Capture Encryption epidemic Expansion FDA FHIR Flu fundamentals GI GI Outlook Goals Health Care Health Care Technology Health Care Web Health Information Exchange Health Record Healthcare HIE HIPAA hipaa compliant communication hipaa compliant communication platform HIPAA-Compliant HL7 Home dialysis Hospital Census Hospital Communication IA ICD-10 ICD-11 Implementation Improvement Activities interoperability iOS iOS 8 iOS7 iPad iPhone iPhone 6 Lead Generation length of stay MACRA Medical Billing Medical Errors Medical Software Medicare Mentorship Messaging Messaging with Patients MGMA MIPS MIPS Registry mobile Mobile App Mobile Charge Capture Mobile EHR Mobile Health Mobile Messaging Mobile security Mobile Technology Modern Healthcare Native App Network news NIH OCM onboarding Oncology Care Model opioid crisis Patient Patient App Patient Care Patient Chat Patient Communication Patient Engagement Patient Generated Health Data Patient Handoff Software Patient Information Patient Safety Patient Visits Patient-Centric pmd pMD Team population health Population Health Management PQRS Product Development Productivity Promoting Interoperability QCDR Quality Scoring Recruiting Recruitment Reimbursement Remote Work reports Residents Responsibility ROI Sales Secure Data Secure Messaging Secure Messaging Video Secure Text Messaging Security Audit SF Biz Times SOC 2 success support TCM Teamwork technology telehealth Telemedicine Text Messaging texting training Travel Upgrades VA Value-based care Video Calling Video chat video communication video conferencing Wearable Device wearing many hats Web App Wireless Work From Home