Mobile Phone Encryption and HIPAA Compliance

October is National Cybersecurity Awareness Month

Are you taking appropriate steps to protect your data as well as your customers’ data?

Mobile Phone Encryption

Do you or any of your employees or coworkers use a mobile phone for work? Most likely. Even if it isn’t strictly part of your work procedures, do you ever use your cell phone to get updates, ask questions, or look up information related to patients or customers? HIPAA states that all PHI must be encrypted in transit and at rest – make sure your phone is encrypted!

Encryption essentially scrambles your phone’s data and puts it back together when you enter a PIN or password. Be aware that third-party apps store information on their own servers, which may or may not be encrypted!


While some newer Android models come with encryption enabled out of the box, it was not always the default. Head into the Settings menu and tap “Security” to see whether your phone is already encrypted. If it is not, you can encrypt the phone from this screen. How-To Geek has step-by-step instructions.


All iPhones come encrypted out of the box. However, if you have disabled the passcode on your phone, then your data is vulnerable. Go to the Settings app and set one up in the “Touch ID and Passcode” menu.

This October

Check with your coworkers and/or employees and make sure everyone is taking steps to protect private health information to maintain HIPAA compliance.

Bonus: taking steps to maintain data security benefits you as well as your patients or customers. In the end, it’s not just about your customers’ data and privacy – it’s about yours too!