Mobile App Helps Breach Assessments

Aids in Sizing Up Whether an Incident Must be Reported
Mobile App Helps Breach Assessments

A new application for Apple mobile devices is designed to help healthcare organizations assess whether an incident is a breach that must be reported under the breach notification rule mandated by the HITECH Act.

See Also: Live Webinar | Securing Mobile Endpoints to Protect IP in the Pharma Industry

The new mobile HITECH Act Breach Notification Risk Assessment Tool was jointly developed by North Carolina Healthcare Information & Communications Alliance, a not-for-profit consortium, and Oak Grove Technologies, a small online training firm.

The app, which runs on iPhones, iPads and iPod Touches, enables users to provide answers to a series of questions to assess whether an incident is a reportable breach. The software provides a "total risk score" for the incident.

Questions include, for example: "Who was the recipient of the protected information," says James Zimmer, senior software engineer at Oak Grove Technologies. "Each question has a list of possible answers, and each answer has an internal risk score value," says Zimmer, the app's programmer.

In addition, the app can score the severity of the breach, determine required reporting actions for the incident and assist in record keeping. It enables the user to add basic report details, including the point of contact for the breach and the date of the event, Zimmer says.

The application also allows users to e-mail or text others within their organizations to notify them of the potential breach. But it does not provide a link to report a breach directly to the Department of Health and Human Services, and it's not designed to accommodate notification of breach victims.

In addition to running on Apple mobile devices, "we are assessing the demand for the app on other mobile devices," Zimmer adds.

The new app is an interactive, mobile version of the NCHICA Breach Reference Application, a reference available on the NCHICA website. It's available on iTunes for $1.99.

About the Author

Marianne Kolbasuk McGee

Marianne Kolbasuk McGee

Executive Editor, HealthcareInfoSecurity

McGee is executive editor of Information Security Media Group's media site. She has about 30 years of IT journalism experience, with a focus on healthcare information technology issues for more than 15 years. Before joining ISMG in 2012, she was a reporter at InformationWeek magazine and news site, and played a lead role in the launch of InformationWeek's healthcare IT media site.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.