2.4.4 Risks, Key Differences, and Environmental Scan

Use Case Impact Factors

  • 9 May 2018
  • Author: HL7 CMHAFF
  • Number of views: 8129
2.4.4 Risks, Key Differences, and Environmental Scan

  2.4.4 Risk Factors

For apps, especially those like Use Case C, there are several potential threats and vulnerabilities which should be assessed and mitigated, where necessary, by mHealth developers (see 3.2.2 Product Risk Assessment and Mitigation). While cMHAFF does not attempt to “do” the risk assessment for any particular mobile app, the following are examples of specific risk scenarios that may be applicable and point to cMHAFF criteria (-> potential mitigations are listed in parentheses). Some of these potential risks are motivators for the conformance criteria in cMHAFF. Where risks have both high likelihood and high impact, SHALL criteria are indicated.

 RISK FACTOR

 CONFORMANCE SECTION

Consumer loses their device. Confidential information is handled by the app, and there is risk of information disclosure (-> encryption of data, automatic timeout/logoff)

Section 3.5.1

The device can be lost or damaged, impeding the consumer’s use of the app, thereby impacting their care, even if privacy is protected. (-> information about backup of data, ability to restore to new device)

Section 3.3.1

The consumer, for convenience, may turn on “automatic login” (saved credentials, “remember me”), so the app may be accessed without re-authentication. (-> don’t offer such a feature if app handles PHI)

Section 3.4.1

The app is used and left open, where others could see it while the device is unlocked (-> automatic timeout/logoff)

Section 3.4.1

Measurements are not captured accurately or not transmitted accurately, and consumer takes action based on inaccurate measurements (-> quality management, disclosure of evidence)

Section 3.2.2

A data collection device paired with the mobile phone may in fact be for a different person (mis-association of data) (-> Pairing User Accounts)

Section 3.4.1

A third-party cloud-based platform may have inadequate security measures of which the consumer is unaware. (-> disclosure of infrastructure security measures)

Transmission between mobile app and cloud-based platform may have inadequate or unknown transmission security (-> encryption of data in transit)

 

Section 3.4.4

The consumer exchanges or discontinues their use of the mobile device without removing all data from the device or other locations to which the device transmitted data. (-> App and Data Removal, Permitted Uses of Data Post Account Closure)

Section 3.5.1

The healthcare provider to which the app communicates data has little or no control over the device characteristics, environment, or usage patterns, unlike enterprise IT where only approved/provisioned devices are used. (-> out of scope, not a developer issue, but should be documented in product risk assessment)

 

Section 3.2.2

 

2.4.5 Summary of Major Differences in Use Case Scenarios

 

 

Simple Device Integrated

 EHR Integrated

 Medical Device App Categorization

Wellness Wellness or Medical

Medical

 Data Device Categorization

None Unregulated or Regulated Device

Regulated Device

 PHI Data Storage

Smartphone Smartphone/PHR

Cloud/EHR

 Data transmission by App

None Device-App-PHR

Device-App-Cloud-EHR

 Importance of Data Integrity

Low Mid

High

 (USA) HIPAA covered?

No No, but Yes, if white-labeled

Yes

 

 

 

 

 

 

 

 

 

 

 

2.5 Environmental Scan

The documents mentioned below are not standards, but explain the state of the mobile health industry in the USA and Europe, and assist developers to understand which legislation is applicable to their apps.

 

Print
Please login or register to post comments.