Alas, Poor Peter, he only used his PDA March 4, 2010 By Bob Larrivee, Director & Industry Analyst for AIIM

The world is shrinking, or so the saying goes. Shrinking in terms of how quickly we can respond and move into action in our business lives. 24/7/365 service is available and more commonly used to keep competitive thanks to those little devices known as PDA’s (Personal Data A……..). You know what they are. It began to gain notoriety with the Palm Pilot and how many of you remember Apple’s attempt with the Newton? (I had one and at the time, it was great!) Today we have the Blackberry, Dash, a slew of others including Apple’s latest entry, the iPhone. Not only can we communicate through these devices using our e-mail and text messages, they are also cell phones should we choose to actually speak with someone. They are the Swiss Army Knives of technology!

Now enter compliance. As technology moves farther and faster than ever, it also opens the potential for risk. Take poor Peter for example. Peter is sitting in an airport awaiting his flight when he receives an e-mail on his PDA. The email came to him with a document attachment containing the medical reports for one of his patients. (Did I not mention that Peter is a Doctor?) Being the diligent Physician, using the technology he has in hand, Peter opens the document to review the results. Normally, this is not a problem however Peter is greeted by a friend and being the well mannered person his Mother raised, Peter puts his PDA down on the seat next to him in order to stand and greet his friend properly.

While Peter and his friend are talking, the PDA slides off the seat and onto the floor below. Almost simultaneously, the call is made for Peter to board the plane. He quickly gathers his belongings, boards the plane and all is well, until at some point en route, he realizes his PDA is missing. Upon landing, he reports this to the airline officials who call the airline officials of the departure point. Try as they may to locate the device, it is nowhere to be found. Peter must now report the lost device to his service provider for replacement and service cancellation but is comfortable in knowing that the patient record still exists in his email account so recovering that information is not a problem once he has internet access with his computer.

The question now is one of Patient Privacy and how does this loss play under HIPPA? You see, not only did Peter have this particular patient’s information in his PDA; he has many records that are stored there because he did not have a policy or process to delete this information regularly or when it was not longer needed for immediate action. Another question to ponder relates to ethics and whether Peter is bound to report this information loss to his patients and perhaps the Medical Board. Breach of security is a real issue and the potential for this is increased through the use of PDA’s as a business tool.

That is not to say we shouldn’t use these devices in business. Technology is wonderful thing and more specifically, PDA’s and their increased capabilities are a modern day marvel that help us become more organized, more efficient and more effective in our daily lives. The challenge we face is one of maintaining compliance with regulatory statutes. PDA’s are a delivery channel that must be taken into consideration as an integral part of any ECM or ERM environment. As such, they must be included in the overall security scheme of your organization and looked upon as not only a tool but a risk. Imagine if this information were found in the wrong hands, what might happen. Imagine if this was financial information with account numbers, names and more. Imagine if something disastrous were to happen as a result of this information loss. The responsibility lies with the organization to set policy in place and with each one of us to ensure those policies are met. Use the PDA, but use it wisely.

Bob Larrivee is Director and Industry Analyst for AIIM. Bob can be reached through the AIIM Education Center at This e-mail address is being protected from spambots. You need JavaScript enabled to view it and followed on Twitter as @BobLarrivee.