The security of patient information has been a topic of high importance at many levels of the healthcare industry for several years. PocketMD takes patient data security very seriously, and we understand the need to keep patient data confidential. We have worked with data security experts to design PocketMD to fully comply with the requirements mandated by the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). HIPAA includes security standards for the maintenance and transmission of any health information that identifies an individual patient. For a wireless handheld application to be truly protected, it must address security on three levels.

Device Security
You may want to use your Pocket PC to store and access patient information in areas outside of PocketMD (notes, contact information, appointments in the calendar, etc.). Therefore, any strong security model requires the Pocket PC device, not just PocketMD, to be protected. This protection is provided by Pocket PadLock, a security application produced by PocketMD. Pocket PadLock modifies the inherent password security feature of all Pocket PC devices to adhere to industry-accepted strong password guidelines. These guidelines enforce a password of at least eight characters in a combination of alpha, numeric and punctuation characters. The Pocket PadLock application has been approved for use in the VAMC environment by the Office of Information and Cyber Security. Pocket PadLock makes sure that the device cannot be accessed by anyone but its intended user - - you.

Application Security
To ensure that patient information is viewed only by authorized users, PocketMD requires you enter your access and verify codes from your facility’s information system. In addition, all attempts to access and view patient information in PocketMD are recorded and timestamped for review by security officers.

Wireless Data Transfer Security
PocketMD utilizes wireless technology (802.1x) to transfer patient data between the Pocket PC and your facility’s information system. Since it has been shown that this type of data transfer can be intercepted by unauthorized individuals, PocketMD wants to be sure that your patient data is secure.

Within the VA environment, we have partnered with Fortress Technologies, a proven leader in data security. Their AirFortress product is used to keep your data safe during wireless information transfer. For the private sector, PocketMD offers our own 168-bit data encryption algorithm that meets government security standards.