mHealth – Two Major Challenges And Steps To Address Them

With the potential to enhance patient engagement and care quality, mHealth is advancing by leaps and bounds. To wit, the global digital health market is expected to reach $200 billion by 2020 — with the mHealth market’s compound annual growth rate of around 41 percent. 

Still, there is a flip side. While medical apps are improving in functionality and equipping healthcare providers with a slew of opportunities, new challenges are rising. The major ones include the lack of clearly defined interoperability standards and gaps in data protection.

In this blog post, we’ll get to the bottom of the two challenges and outline the steps that healthcare actors can take to overcome them.

Interoperability: Creating meaningful data connections

The competition among healthcare software developers is really fierce, yet this is what drives innovation in this domain. However, in a try to improve their standings in the market, mHealth developers may pay much heed to strong functionality and little to interoperability.

Defined by HIMSS, interoperability is the ability of different health technologies to easily exchange and use protected health information (PHI). In the context of mHealth, this means a smooth data exchange between mobile or IoT devices and EHR/EMR systems for remote monitoring and chronic disease management.

Today, poor interoperability is the main roadblock to a cohesive digital health ecosystem. What is being done to remove it?

Policymakers step in

In 2015, the Office of the National Coordinator for Health Information Technology (ONC) released the final version of its Shared Nationwide Interoperability Roadmap comprising goals for three periods up to 2024.

The institution encourages health IT stakeholders to adopt commonly available technical standards, shift from the fee-for-service model to the value-based one, as well as align and promote the use of consistent policies and business practices. Together with a focus on greater implementation consistency and innovation, this is expected to set up a foundation for long-term interoperability success.

Health Level Seven International (HL7), a non-profit organization involved in the development of international healthcare informatics interoperability standards, is also in the loop. Its Fast Healthcare Interoperability Resources (FHIR) Specification has recently generated much buzz and attracted a number of supporters. In particular, Apple implements the FHIR standard to allow iOS users to access their medical data from multiple EHRs.

Another way to lift interoperability barriers is to use open Application Programming Interfaces (APIs). Healthcare APIs let hospitals easily connect and engage with patients and insurance companies through web, mobile, and social apps. For example, CommonWell Health Alliance is among the active users of RESTful FHIR APIs.

Data protection: Bridging security gaps

Data security has always been a critical issue in healthcare. And the importance of safeguarding health information only increases in a fully interoperable digital health environment.

So that physicians can get a better picture of a patient’s conditions, clinical and patient apps will need to exchange PHI with one or multiple EHRs. For this, both a mHealth solution and an EHR system should be HIPAA-compliant, which implies that administrative, physical, and technical safeguards are in place. Even if an app isn’t subject to the HIPAA Security Rule (check here whether it’s the case), it may need to comply with other privacy and security laws (e.g. FDA regulations).

When physicians bring their own devices to a hospital to handle PHI, the risks of data leaks get higher. To mitigate them, there’s a need for a secure BYOD infrastructure. Don’t know how to do that? offers a five-step recipe for success.

Other recommendations for a safer use of mobile phones in clinics include enabling encryption and firewalls, activating and/or disabling remote wiping, and installing regular OS updates.

And last but not least: hospitals should have an effective training strategy to raise the awareness and understanding of cyber risks among their employees. Care providers can take St. Luke’s University Health Network as an example. They have successfully implemented an employee training program that consisted of quarterly scenario-based presentations on the protection against phishing, malware, and suspicious URLs.

Key takeaways

Diving into mHealth specifics is impossible without understanding and addressing its major challenges, which are poor system interoperability and gaps in data protection.

However, these challenges aren’t insurmountable. If software vendors follow relevant guidelines proposed by policymakers, fully interoperable and secure mHealth apps won’t be long in coming.

In turn — with these solutions in place — care providers, will reap substantial benefits, including better operations, care, and patient engagement.