HIPAA defines a mobile device as any device that allows storage of data on itself by using it's on-board memory or within the SIM card of a memory chip. Mobile devices can be used to send and transmit data, which may include Protected Health Information (PHI or ePHI) under HIPAA. Sending and transmitting PHI or ePHI through these devices has proven to be risky because of the unique security risks involved.

mobile device


Popular handheld devices include stand alone PDAs like Palm and Apple's iPod touch, iPhone, Android phones, Blackberry, etc. Also included are tablets such as Apple’s iPad and Microsoft’s Surface. HIPAA requires that PHI be safeguarded against threats to security, integrity and unauthorized use.

According to HHS.gov, Health care providers, other covered entities, and business associates may use mobile devices to access electronic protected health information (ePHI) in a cloud as long as appropriate physical, administrative, and technical safeguards are in place to protect the confidentiality, integrity, and availability of the ePHI on the mobile device and in the cloud, and appropriate BAAs are in place with any third party service providers for the device and/or the cloud that will have access to the e-PHI.


Dexcomm is a Louisiana-based corporation that provides answering services to businesses and service agencies across the United States. We have been open since 1954, employ a staff of roughly 80 people, and our average client retention rate is 10+ years.

Connect With Us:





Read More About The Author: Dexcomm