01-29-13 | Blog Post

The APPS Act Addresses Mobile Security Concerns

Blog Posts

Striving for data security in an emerging mobile world has policy-makers and government agencies doing their best by providing new tools and proposing legislation to keep pace. A few weeks ago, the APPS (Application Privacy, Protection and Security) Act of 2013 was released for discussion to address mobile data security for consumers.

The bill requires app developers to provide more transparency with “consented terms and conditions, reasonable data security of collected data, and users with control to cease data collection by opting out of the service or deleting the user’s personal data to the greatest extent possible.”

In addition to notifying and asking for consent of users before collecting personal data about them, app developers are required to also provide details about:

  • What type of personal data will be collected
  • Purposes for which personal data will be used
  • Third parties that will have access to the personal data
  • Data retention policy governing the length of time personal data will be stored

The act also allows consumers to opt out of the app and decide what happens to their personal data that has already been collected – allowing them to delete or stop collecting data entirely. Another mobile security measure of the act would require developers to prevent unauthorized access to a user’s data “through reasonable and appropriate security measures,” as well as promote responsible data storage.

Similar to the recent final omnibus rule modifying the HIPAA Security and Privacy rules, the APPS Act focuses on protecting personal data by increasing transparency between consumers, developers and third parties that may access or have access to personal data via mobile apps. Transparency is key when entrusting access to third parties of any type – especially cloud hosting providers that provide high availability network access for critical applications and data.

Check out Four Ways to Gain Transparency with PCI Hosting Providers for a guide on how to gain complete visibility into your cloud hosting provider’s environment and achieve compliance in the e-commerce and retail industries. The healthcare industry can protected patient health information by reading Five Questions to Ask Your HIPAA Hosting Provider.

Mobile Security White Paper
Mobile Security White Paper

If you want to learn more about mobile security from an enterprise perspective, download our Mobile Security white paper. With tips on mobile device policies and achieving mobile application security with secure and compliant hosting, this white paper is ideal for PCI DSS, HIPAA and any other organization concerned about data security.

The APPS Act is open to the public for ideas and commentary. Visit AppRights for more information.

Related Links:
HIPAA? Now HIMTA: The New mHealth Bill
Congressman Mike Honda of Calif. introduced a new bill last Monday – The Healthcare Innovation and Marketplace Technologies Act (HIMTA). According to Congress.gov, the bill will foster further innovation and entrepreneurship in the health information technology sector, as the bill … Continue reading →

The Latest Federal mHealth Initiatives
Back in October, I wrote an article about the Recommendations for Mobile Health IT Advancement, outlining the action items of the FCC’s initiatives to become more of a leader in advancing mobile health adoption. A few of the main initiatives … Continue reading →

Growing Digital Health Market Requires Support of HIPAA Compliant Hosting
Venture capitalists invested 45 percent more in digital health in 2012, up from 2011, according to Mobihealthnews.com and a study by Rock health. That’s a total of $1.4 billion compared to the initial investment of $968 million. The study reports … Continue reading →

The Application Privacy, Protection and Security (APPS) Act of 2013

Overwhelmed by cloud chaos?
We’re cloud experts, so you don’t have to be.

© 2024 OTAVA® All Rights Reserved