On July 23, the National Institute of Standards and Technology (NIST) through its National Cybersecurity Center of Excellence (NCCoE) published a draft step-by-step practice guide on protecting medical information stored in and shared between mobile devices, such as tablets and smart phones. NIST issued a press release about the draft guide.

The guide uses a case-based approach to identify commercially available and open source solutions to implement security safeguards for patient information when healthcare professionals use mobile devices in conjunction with an electronic record system. NCCoE explains that organizations can use some or all of the guide to help them implement relevant standards and best practices for compliance with the HIPAA Security Rule. 

NCCoE is soliciting comments through September 25, 2015. Comments can be sent to:HIT_NCCoE@nist.gov