mHealth challenges: two perspectives

Rather surprising in their synchronicity were two new reports–the first from research company Frost & Sullivan, the second an academic study published in the Journal of Medical Internet Research (JMIR)–detailing problems and concerns with mobile health from the perspective of those who are considering or currently working with it.

Frost & Sullivan’s Advances in mHealth Technologies surveyed approximately 60 healthcare executives, academics and developers currently implementing mobile health systems in the US, Canada, Europe and Asia/Pacific. Their top concerns were security of patient information, integrating the technology into providers’ monitoring systems, and a lack of best practices. F&S projects that “developers will gain a superior understanding of the nature of security breach concerns and take necessary precautions” as mHealth is adopted by providers over the next 3-4 years. The F&S release provides an overview and of course encourages readers to purchase their study; Information Week‘s article has more details.

The JMIR study interviewed 27 US ‘key informants’ primarily from Federal agencies and integrated health systems. Concerns expressed here centered on the policy and regulatory environment (privacy, data security and regulation as medical devices); the wireless network environment (mobile cost and proprietary platforms); the health system environment (funding, lack of demonstrably successful business models); mHealth in current practice (not meeting consumer engagement needs); and mHealth research (evidence early, weak and generally lacking in quality). The study also included, from some respondents, approaches for these issues.Issues in mHealth: Findings From Key Informant Interviews Also: FierceMobileHealthcare article.

More synchronicity?  Those ‘necessary precautions’ in security, data breaches and privacy are starting to take place. Toronto-based Diversinet announced Tuesday that the cryptographic technology underpinning their MobiSecure platform has received a FIPS 140-2 validation required for US and Canada government use.  FIPS (Federal Information Processing Standards) 140-2 validation is given by the National Institute of Standards and Technology (NIST) and covers both US and Canada. For the technically minded from the release:  “NIST has validated Diversinet’s Java cryptographic module and Java Crypto Module for Mobile under FIPS 140-2, Security Requirements for Cryptographic Modules – a rigorous testing program administered by NIST and the Communications Security Establishment Canada (CSEC). The FIPS 140-2 validation, a recognized North American standard for proper use of encryption, is required for use in U.S. and Canadian government communications systems to protect sensitive data.”  The release also notes Diversinet’s arrangement with AirStrip Technologies for security relating to AirStrip’s use with the US government.  Diversinet release