Definition: The portion of security testing in which the evaluators attempt to circumvent the security features of a system.
The evaluators may be assumed to use all system design and implementation documentation, that may include listings of system source code, manuals, and circuit diagrams. The evaluators work under the same constraints applied to ordinary users.
Automated Information System (AIS)
Definition: Any equipment of an interconnected system or subsystems of equipment that is used in the automatic acquisition, storage, manipulation, control, display, transmission, or reception of data and includes software, firmware, and hardware.
A recent report by research2guidance
estimates that mHealth services will reach some 500 million users by
But there is a difference between "reaching" all smartphone users
and actually having them "use" the tens-of-thousands of applications
Currently, only about nine percent of adult mobile device users actually
use a health care application. This number is expected to increase
substantially as the mobile generation looks to do more things while on
That same report highlights the largest barrier to adoption is privacy -
how do people know that their personal health information is not out
there for everyone to see and use.
More than 50 percent of those
surveyed said they were very or somewhat uncomfortable with sharing this
information through a mobile application.
As you can imagine, most people will download free applications that are
fun to have or provide general information on health care.
example, applications like iTriage
offer information on symptoms, diseases and medical procedures as well
as a nationwide directory of hospitals, urgent care facilities, retail
clinics, pharmacies and physicians. Good information to have, but
nothing that requires extreme security or privacy.
On the other hand, having sensitive information on illnesses,
prescriptions, surgeries, lab test results and other personal data
flying through the air among doctors, hospitals, insurers, etc. is a
concern to everyone.
Most folks throughout the health care ecosystem
believe mHealth will enhance the quality of service and lower costs for
patients, understanding, but how companies go about securing the
information is paramount for acceptance by patients.
People are just now getting comfortable with online privacy, and moving
that same perception to the mobile device might take some time. As long
as there is a guarantee of security, and the benefits are simply
spelled out, adoption will happen.
While Euro RSCG Worldwide
predicts nearly 45 percent of smartphone users said they will use a
health care application in the future, it would be interesting to know
what percentage of those involved sharing personal information.
Companies and government agencies throughout the mHealth ecosystem need
to reassure people that their personal health information is safer than
keeping money in the bank.
mHealth can provide a cure for what's ailing
health care, and with the proper education, patients will begin feeling
good about using mobile applications.
In the coming weeks, I'll address some of the specific initiatives and
systems companies and agencies are using to protect and secure the
private health care information of patients.
Follow me on Twitter: @TechnicalJones