News & Insights  |  Media Mentions

Related Professionals

Practice Areas


Patricia O'Connell
Senior Communications Manager

Health Care Practice Co-Chair Kirk Nahra Comments on Mobile Health Data

December 4, 2012

Kirk Nahra, co-chair of Wiley Rein’s Health Care Practice, was interviewed by FierceHealthPayer for a November 29 article about protecting health data on mobile devices.

Insurers responding to customers’ demand for mobile access to their health records must make sure the data, known as electronic protected health information (ePHI) is secure, FierceHealthPayer reported. Companies that fail to safeguard patients’ privacy can face civil and criminal penalties for large-scale data breaches under the 2009 Health Information Technology for Economic and Clinical Health (HITECH) Act.

Insurance companies can help customers reduce risks by encouraging them to keep their mobile devices physically secure and password-protected. Insurers should also enforce their own internal policies to safeguard ePHI, such as issuing work-only mobile devices, upgrading anti-virus software and disposing of obsolete devices securely, according to the article.

"Faster is not necessarily better," Mr. Nahra told FierceHealthPayer. "You have to think about what you're trying to accomplish, what your choices are, and then figure out a way that lets you achieve as much as you can with appropriate security boundaries. If the right person can get into your database, you've got to make sure the wrong person can't get in."