How to be HIPAA compliant with mobile device management

SimpleMDM Favicon
SimpleMDM|May 17, 2016
Stylized product illustration
Stylized product illustration

We’ve received numerous inquiries asking how SimpleMDM can aid in achieving HIPAA and HITECH compliance. There isn’t much information on how HIPAA and HITECH relate directly to mobile device management, so we’ve addressed the question for you!

What is HIPAA?

HIPAA, which stands for the Health Insurance Portability and Accountability Act of 1996, has two purposes. First, it protects health insurance coverage for workers and their families if they change jobs or lose employment. Second, it requires the establishment of national standards for electronic healthcare transactions. The latter purpose, detailed under Title II of the act, creates requirements for the privacy and security of individually identifiable healthcare records and outlines the civil and criminal penalties for violations of these standards. This latter title applies to the discussion of this article. HITECH, which stands for Heath Information Technology for Economic and Clinical Health Act, was enacted to promote further the adoption and meaningful use of health information technology. It details the requirements for notification in the event of a data breach, how electronic health records can be accessed, and what agreements need to be in place between the associates of a business.

How does SimpleMDM help?

SimpleMDM aids your effort in being HIPAA compliant. Below, we’ve outlined areas of concern for HIPAA compliance and the SimpleMDM functionality we suggest using.

Control access to devices

your company's SimpleMDM allows you to enforce passcode requirements on all devices. Require users to create a passcode that meets the complexity requirements. Automatically lock devices after a specified duration of inactivity. Automatically self-destruct on-device data if it’s detected that someone is attempting a brute-force attack to break into a device.

Recover missing devices & secure data

Track a device's location at any time using SimpleMDM’s location tracking feature. If a device is lost, enable iOS Lost Mode, which locks a device and allows OS-level location tracking without requiring an Apple ID. If a device cannot be found and recovered, optionally wipe the device data remotely.

Keep software updated

Both iOS and installed apps can become outdated and contain security risks. Use SimpleMDM to track software versions of iOS and the apps installed and update iOS and mobile apps remotely if they become obsolete.

SimpleMDM’s inventory functionality also allows administrators to verify that encryption is enabled on devices, keeping data secure if a device falls into the wrong hands.

Encrypt data transmissions

SimpleMDM allows you to configure VPN connections and enforce a global HTTP proxy on devices. Using these technologies allows a company to encrypt the data transmissions between devices and web services.

Lock it up! Encrypt to your heart's content with the Apple Lock Guide for MacAdmins.

Limit data portability

Using SimpleMDM, administrators can take advantage of Open In Management. This iOS feature allows one to restrict documents in managed apps from being opened elsewhere on the device if medical records are being used in one app. In that case, this feature can make it difficult for medical records to be opened in unauthorized apps or distributed in ways that are against policy.

How can I get started?

If you already have a SimpleMDM account, just sign in. If not, it takes less than a minute to create an account.

Alternatively, contact us if you would like to discuss your organization. We’re happy to help.

SimpleMDM Favicon

SimpleMDM is a mobile device management solution that helps IT teams securely update, monitor, and license Apple devices in a matter of minutes — all while staying on top of Apple updates automatically.

Related articles