Risks feared in medical apps

[momentsplinter]

Comments

[hammersxstrings]

i do IT compliance work for a university with a very prominent medical program. They do a lot of research, especially with the government, so there's all sorts of regulations they're supposed to meet other than just HIPAA. I'm new to the university setting still (about 6 months here) and I find one of the biggest hindrances to us being able to appropriately secure the information is that doctors are very inflexible when it comes to the convenience in relation to implementing adequate security controls. And I can appreciate it, to an extent-their jobs are unimaginably stressful, and busy, and I get that, but when something happens to that data and they lose their research grants because they refuse to comply with some (imo) very reasonable security practices (only using university workstations for certain tasks, instead of doing work at home or connecting to unsecured wireless networks in a coffee shop to work with sensitive data, etc

[lastrega]

We do have regulations for health data and sensitive data collected for research. But apps like Touch Surgery aren't collecting that kind of data AFAIK. It's basically an electronic version of practicing a procedure on a sim dummy. Diagnostic apps are a lot bigger worry when patients use them to make important health choices.

Some colleagues of mine are currently working on a health app (the nature of which I can't describe) but it's basically a tracking app for the group of patients to track certain observations which they can then use to talk to their doctor. It's good to be cautious, but there are a lot of situations where apps are going to make huge differences to the way we look after patients.