AHIMA: Look at legal ramifications of mobile health information

By Neil Versel
July 09, 2012
06:08 am
Share

Mobile SecurityIn developing policies for managing data handled by and stored on mobile devices, healthcare organizations should look beyond privacy and security and consider the legal ramifications of mobile health information, the American Health Information Management Association (AHIMA) says.

"While much has been written stressing how extremely important security and privacy issues are in the use of mobile health technology, a question much less explored is how health information that is captured on mobile devices relates to the management of the health record," Lydia Washington, a director of practice management at AHIMA, writes in the July issue of the Journal of AHIMA.

AHIMA has long been emphasizing the importance of the "legal health record" in the context of electronic health records, essentially the official documentation of healthcare services provided from an organization to an individual. Information captured by or transmitted over a mobile device is part of this, according to Washington.

"It is widely accepted that any health information captured or stored by clinicians using either a personal mobile device or one provided by the healthcare organization becomes part of the HIPAA-designated record set if that information is used to make decisions about a patient. The same is true when health information that is collected or captured by an individual or patient is transmitted or communicated to a provider who uses it in the provision of care," Washington writes.

"Most likely, this information is also part of an organization's legal health record and is subject to requests for disclosures, subpoenas, and e-discovery. Conceivably, the health information generated by a mobile device could also be useful for many non-clinical applications that use medical records—such as audits, health research, and information reporting. The problem for HIM professionals is how to track and preserve these records when they reside on mobile devices."

No fewer than six federal agencies – the Office of the National Coordinator for Health IT, the Federal Communications Commission, the Food and Drug Administration, the Federal Trade Commission, the HHS Office for Civil Rights and the National Institute of Standards and Technology – have shown interest in monitoring and perhaps regulating mobile devices in healthcare, according to the journal article. (Washington cited a September 2011 MobiHealthNews story to illustrate the FTC's involvement.)

"While each agency has a different approach to monitoring healthcare mobile device use, each reported a specific emphasis on privacy and security," Washington says. That, according to the AHIMA practice management specialist, is inadequate.

"In addition to privacy and security policies, healthcare organizations would need to have policies that outline the conditions and acceptable uses of mobile devices that capture and store clinical information since that information may become part of a health record," Washington recommends.

"Policies would need to address how mobile devices are handled when the information they contain may become involved in potential litigation (legal holds) as well as methods for monitoring and tracking mobile devices that contain health information that is part of the organization's legal health record. The use of mobile devices that access health information and health records, whether personally owned or provided by the healthcare organization, need to be addressed in security risk assessments, litigation response plans, and human resources policies."

Washington further advises health information management professionals to "develop internal policies aimed at protecting the integrity and privacy of patient records."

Tags: 
AHIMA, FTC, HHS Office Civil Rights, Journal of AHIMA, mobile health HIPAA, mobile health policy, mobile health privacy, mobile health security, ONC

More regional news

Two people sitting on a couch talking to a telehealth provider

Zarminali Health launches with $40M from General Catalyst

By
Jessica Hagen
November 25, 2024
Person holding a tablet in one hand and a prescription bottle in the other

Allurion Technologies launches AI-native GLP-1 program for weight loss in the U.S.

By
Anthony Vecchione
November 25, 2024
Five people standing by each other

Exclusive: PatientsLikeMe launches AI assistant focused on women's health

By
Anthony Vecchione
November 25, 2024
Share

Top Story

Five people standing by each other
Exclusive: PatientsLikeMe launches AI assistant focused on women's health

Editor's Pick

State of digital health investment, part 1: Andreessen Horowitz
State of digital health investment, part 2: LBMC
State of digital health investment, part 3: AstraZeneca
State of digital health investment, part 4: Atropos Health
State of digital health investment, part 5: HTC Vive
State of digital health investment, part 6: Osso VR

More Stories

Two people sitting on a couch talking to a telehealth provider
Zarminali Health launches with $40M from General Catalyst
Person holding a tablet in one hand and a prescription bottle in the other
Allurion Technologies launches AI-native GLP-1 program for weight loss in the U.S.
Healthcare provider in scrubs
Neuralink receives approval to begin clinical trial in Canada on brain implant
Person talking to a telehealth provider
Rightway, Curai Health partner to expand access to virtual care
Executives in a conference
Converge Bio raises $5.5M to expedite drug discovery, development with GenAI
Healthcare provider wearing a lab coat with a stethoscope around their neck while looking at a computer
TailorMed announces $40M financing round and more funding news
A doctor analysing a chest X-ray image
Vuno secures second 510(k) and more briefs
Clinicians reviewing data on a laptop
ThoroughCare secures $5M to scale digital care coordination platform