{"id":2706,"date":"2013-11-04T00:00:00","date_gmt":"2013-11-04T00:00:00","guid":{"rendered":"http:\/\/otava.test\/hipaa-encryption-protecting-patient-data-on-tablets-smartphones\/"},"modified":"2013-11-04T00:00:00","modified_gmt":"2013-11-04T00:00:00","slug":"hipaa-encryption-protecting-patient-data-on-tablets-smartphones","status":"publish","type":"post","link":"https:\/\/www.otava.com\/blog\/hipaa-encryption-protecting-patient-data-on-tablets-smartphones\/","title":{"rendered":"HIPAA Encryption: Protecting Patient Data on Tablets &#038; Smartphones"},"content":{"rendered":"<p dir=\"ltr\">A guest blog from HITECHAnswers.net lists security tips from HHS.gov to help ensure that patient data is secure in a BYOD (Bring Your Own Device) environment that includes the use of personal devices such as iPhones and iPads in the workplace. One of HealthIT.gov\u2019s tips includes encrypting data stored locally on your mobile device as well as data sent by your device (data at rest and in transit).<\/p>\n<p dir=\"ltr\">While device encryption can provide one layer of defense, if you go a layer deeper, you can ensure the entire IT stack is secured with encryption, hardening your defense against a potential breach. Protect data in transit by using a VPN (virtual private network) and <a href=\"https:\/\/otavawebsite.wpengine.com\/solutions\/cloud-security\/\">SSL certificates<\/a> for encrypted data sharing. A <a href=\"https:\/\/otavawebsite.wpengine.com\/compliance-security\/hipaa-compliant-cloud\/\">HIPAA compliant cloud<\/a> infrastructure should include built-in, hardware-based encryption that encrypts data as its written to drives. Protecting data stored in a SAN (Storage Area Network) is just as important as protecting data stored on a mobile device.<\/p>\n<p dir=\"ltr\">HHS.gov recommends encrypting data to the NIST (National Institute of Standards and Technology) standards found in their <em>Special Publication 800-111, Guide to Storage Encryption Technologies for End User Devices<\/em>. For mobile devices, they recommend following the guidelines in <em>FIPS PUB 140-2: Security Requirements for Cryptographic Modules<\/em>.<\/p>\n<p dir=\"ltr\">Other mobile security tips from HHS.gov that can help you achieve a HIPAA compliant policy for BYOD in the workplace include:<\/p>\n<ol>\n<li>Use a password or other user authentication, such as PINS (personal identification numbers) or passcodes to secure your mobile device. Set your device to lock its screen after a set period of inactivity.<\/li>\n<li>Install and activate remote wiping and\/or remote disabling that allows you to wipe or disable data stored on your device if it\u2019s stolen or lost.<\/li>\n<li>Disable and don\u2019t install or use file-sharing apps. SFTP (Secure File Transfer Protocol) is one secure way to share files. Many cloud-based file-sharing apps aren\u2019t secure enough for file transfers that include patient health information, including Dropbox and Google Drive.<\/li>\n<li>Install and enable a firewall that can intercept incoming and outcoming connection attempts, as well as block or permit them based on a set of rules. However, HITECHAnswers.net makes a good point that iPhones\/iPads can\u2019t have firewalls installed on them unless they\u2019re jailbroken, which is bad practice for mobile security.<\/li>\n<li>Install and enable security software to protect agains virusues, spam and malware &#8211; keep software updated with patch management.<\/li>\n<li>Delete stored health information before discarding or reusing the mobile device.<\/li>\n<\/ol>\n<p dir=\"ltr\">For further guidance on mobile security and an example of a successful healthcare BYOD case study, read our <a href=\"https:\/\/otavawebsite.wpengine.com\/about\/resources\/\">Mobile Security white paper<\/a>.<\/p>\n<p>References:<br \/>\n<a href=\"https:\/\/www.hhs.gov\/ocr\/privacy\/hipaa\/administrative\/breachnotificationrule\/brguidance.html\">Guidance to Render Unsecured Protected Health Information Unusable, Unreadable, or Indecipherable to Unauthorized Individuals<\/a><br \/>\n<a href=\"https:\/\/csrc.nist.gov\/publications\/fips\/fips140-2\/fips1402.pdf\">FIPS PUB 140-2: Security Requirements for Cryptographic Modules<\/a><br \/>\n<a href=\"https:\/\/www.hitechanswers.net\/hipaa-security-iphones\/\">HIPAA Security for iPhones<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>A guest blog from HITECHAnswers.net lists security tips from HHS.gov to help ensure that patient data is secure in a BYOD (Bring Your Own Device) environment that includes the use of personal devices such as iPhones and iPads in the workplace. One of HealthIT.gov\u2019s tips includes encrypting data stored locally on your mobile device as well as data sent by your device (data at rest and in transit). While device encryption can provide one layer of defense, if you go a layer deeper, you can ensure the entire IT stack is secured with encryption, hardening your defense against a potential breach. Protect data in transit by using a VPN (virtual private network) and SSL certificates for encrypted data sharing. A HIPAA compliant cloud infrastructure should include built-in, hardware-based encryption that encrypts data as its written to drives. Protecting data stored in a SAN (Storage Area Network) is just as important as protecting data stored on a mobile device. HHS.gov recommends encrypting data to the NIST (National Institute of Standards and Technology) standards found in their Special Publication 800-111, Guide to Storage Encryption Technologies for End User Devices. For mobile devices, they recommend following the guidelines in FIPS PUB 140-2: Security&#8230;<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1],"tags":[],"other_category":[],"class_list":["post-2706","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.2 (Yoast SEO v27.2) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>HIPAA Encryption: Protecting Patient Data on Tablets &amp; Smartphones | OTAVA<\/title>\n<meta name=\"description\" content=\"One of HealthIT.gov\u2019s tips regaring protection of patient data on tablets and smartphones includes encrypting data per HIPAA.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.otava.com\/blog\/hipaa-encryption-protecting-patient-data-on-tablets-smartphones\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"HIPAA Encryption: Protecting Patient Data on Tablets &amp; Smartphones\" \/>\n<meta property=\"og:description\" content=\"One of HealthIT.gov\u2019s tips regaring protection of patient data on tablets and smartphones includes encrypting data per HIPAA.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.otava.com\/blog\/hipaa-encryption-protecting-patient-data-on-tablets-smartphones\/\" \/>\n<meta property=\"og:site_name\" content=\"OTAVA\" \/>\n<meta property=\"article:published_time\" content=\"2013-11-04T00:00:00+00:00\" \/>\n<meta name=\"author\" content=\"Irma Brillantes\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Irma Brillantes\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.otava.com\/blog\/hipaa-encryption-protecting-patient-data-on-tablets-smartphones\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.otava.com\/blog\/hipaa-encryption-protecting-patient-data-on-tablets-smartphones\/\"},\"author\":{\"name\":\"Irma Brillantes\",\"@id\":\"https:\/\/www.otava.com\/#\/schema\/person\/35774075f8f4fcdd4eae80cb72034263\"},\"headline\":\"HIPAA Encryption: Protecting Patient Data on Tablets &#038; Smartphones\",\"datePublished\":\"2013-11-04T00:00:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.otava.com\/blog\/hipaa-encryption-protecting-patient-data-on-tablets-smartphones\/\"},\"wordCount\":474,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.otava.com\/#organization\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.otava.com\/blog\/hipaa-encryption-protecting-patient-data-on-tablets-smartphones\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.otava.com\/blog\/hipaa-encryption-protecting-patient-data-on-tablets-smartphones\/\",\"url\":\"https:\/\/www.otava.com\/blog\/hipaa-encryption-protecting-patient-data-on-tablets-smartphones\/\",\"name\":\"HIPAA Encryption: Protecting Patient Data on Tablets & Smartphones | OTAVA\",\"isPartOf\":{\"@id\":\"https:\/\/www.otava.com\/#website\"},\"datePublished\":\"2013-11-04T00:00:00+00:00\",\"description\":\"One of HealthIT.gov\u2019s tips regaring protection of patient data on tablets and smartphones includes encrypting data per HIPAA.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.otava.com\/blog\/hipaa-encryption-protecting-patient-data-on-tablets-smartphones\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.otava.com\/blog\/hipaa-encryption-protecting-patient-data-on-tablets-smartphones\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.otava.com\/blog\/hipaa-encryption-protecting-patient-data-on-tablets-smartphones\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.otava.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"HIPAA Encryption: Protecting Patient Data on Tablets &#038; Smartphones\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.otava.com\/#website\",\"url\":\"https:\/\/www.otava.com\/\",\"name\":\"OTAVA\u00ae\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.otava.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.otava.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.otava.com\/#organization\",\"name\":\"OTAVA\u00ae\",\"url\":\"https:\/\/www.otava.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.otava.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.otava.com\/wp-content\/uploads\/2025\/03\/otava-logo.svg\",\"contentUrl\":\"https:\/\/www.otava.com\/wp-content\/uploads\/2025\/03\/otava-logo.svg\",\"caption\":\"OTAVA\u00ae\"},\"image\":{\"@id\":\"https:\/\/www.otava.com\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.otava.com\/#\/schema\/person\/35774075f8f4fcdd4eae80cb72034263\",\"name\":\"Irma Brillantes\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g\",\"caption\":\"Irma Brillantes\"},\"url\":\"https:\/\/www.otava.com\/blog\/author\/ibrillantesotava-com\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"HIPAA Encryption: Protecting Patient Data on Tablets & Smartphones | OTAVA","description":"One of HealthIT.gov\u2019s tips regaring protection of patient data on tablets and smartphones includes encrypting data per HIPAA.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.otava.com\/blog\/hipaa-encryption-protecting-patient-data-on-tablets-smartphones\/","og_locale":"en_US","og_type":"article","og_title":"HIPAA Encryption: Protecting Patient Data on Tablets & Smartphones","og_description":"One of HealthIT.gov\u2019s tips regaring protection of patient data on tablets and smartphones includes encrypting data per HIPAA.","og_url":"https:\/\/www.otava.com\/blog\/hipaa-encryption-protecting-patient-data-on-tablets-smartphones\/","og_site_name":"OTAVA","article_published_time":"2013-11-04T00:00:00+00:00","author":"Irma Brillantes","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Irma Brillantes","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.otava.com\/blog\/hipaa-encryption-protecting-patient-data-on-tablets-smartphones\/#article","isPartOf":{"@id":"https:\/\/www.otava.com\/blog\/hipaa-encryption-protecting-patient-data-on-tablets-smartphones\/"},"author":{"name":"Irma Brillantes","@id":"https:\/\/www.otava.com\/#\/schema\/person\/35774075f8f4fcdd4eae80cb72034263"},"headline":"HIPAA Encryption: Protecting Patient Data on Tablets &#038; Smartphones","datePublished":"2013-11-04T00:00:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.otava.com\/blog\/hipaa-encryption-protecting-patient-data-on-tablets-smartphones\/"},"wordCount":474,"commentCount":0,"publisher":{"@id":"https:\/\/www.otava.com\/#organization"},"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.otava.com\/blog\/hipaa-encryption-protecting-patient-data-on-tablets-smartphones\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.otava.com\/blog\/hipaa-encryption-protecting-patient-data-on-tablets-smartphones\/","url":"https:\/\/www.otava.com\/blog\/hipaa-encryption-protecting-patient-data-on-tablets-smartphones\/","name":"HIPAA Encryption: Protecting Patient Data on Tablets & Smartphones | OTAVA","isPartOf":{"@id":"https:\/\/www.otava.com\/#website"},"datePublished":"2013-11-04T00:00:00+00:00","description":"One of HealthIT.gov\u2019s tips regaring protection of patient data on tablets and smartphones includes encrypting data per HIPAA.","breadcrumb":{"@id":"https:\/\/www.otava.com\/blog\/hipaa-encryption-protecting-patient-data-on-tablets-smartphones\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.otava.com\/blog\/hipaa-encryption-protecting-patient-data-on-tablets-smartphones\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.otava.com\/blog\/hipaa-encryption-protecting-patient-data-on-tablets-smartphones\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.otava.com\/"},{"@type":"ListItem","position":2,"name":"HIPAA Encryption: Protecting Patient Data on Tablets &#038; Smartphones"}]},{"@type":"WebSite","@id":"https:\/\/www.otava.com\/#website","url":"https:\/\/www.otava.com\/","name":"OTAVA\u00ae","description":"","publisher":{"@id":"https:\/\/www.otava.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.otava.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.otava.com\/#organization","name":"OTAVA\u00ae","url":"https:\/\/www.otava.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.otava.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.otava.com\/wp-content\/uploads\/2025\/03\/otava-logo.svg","contentUrl":"https:\/\/www.otava.com\/wp-content\/uploads\/2025\/03\/otava-logo.svg","caption":"OTAVA\u00ae"},"image":{"@id":"https:\/\/www.otava.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.otava.com\/#\/schema\/person\/35774075f8f4fcdd4eae80cb72034263","name":"Irma Brillantes","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g","caption":"Irma Brillantes"},"url":"https:\/\/www.otava.com\/blog\/author\/ibrillantesotava-com\/"}]}},"_links":{"self":[{"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/posts\/2706","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/comments?post=2706"}],"version-history":[{"count":0,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/posts\/2706\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/media?parent=2706"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/categories?post=2706"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/tags?post=2706"},{"taxonomy":"other_category","embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/other_category?post=2706"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}