Patient details routinely at risk on mobile devices

Healthcare professionals routinely put patient detailsat risk by storing them on mobile devices without adequate security, according to a sector survey.

The use of portable devices in healthcare is escalating due to ease of use, speed, increased capacity and low cost, the survey of 1,000 healthcare professionals in the UK and US found.

The survey by security firm Credant Technologies showed many doctors, policy makers, IT directors and IT managers in the sector rely on very basic security.

Some 35% of those surveyed said they used only password protection to secure their mobile devices, but 15% said they used these devices to store patient records.

Laptops are the most popular devices, being used by 62% of UK medical practitioners, followed by memory sticks (17%), with 13% using Blackberrys and other devices.

In the UK, 6% admitted to storing sensitive patient details with no security at all, but this is better than the US where 18% take this risk.

The survey found that despite strict regulation in the US, security standards in the healthcare sector are below those upheld in the UK.

UK doctors still flout NHS data security regulations, but the survey found that 56% of those surveyed use strong protection such as encryption (35%) and two-factor authentication (17%) compared with only 23% in the US.

Although UK standards still need to be improved, NHS guidelines issued after the loss of child benefit records by HMRC a year ago have had a positive effect, the survey found.

Respondents indicated nearly two-thirds (65%) of UK healthcare organisations have revised security procedures in the past year.

Nearly half (44%) of those surveyed in the UK said restrictions had been placed on the use of mobile devices and 6% reported a total ban.