The Scottish government finds that the iPhone 4 and iPod Touch offer the best fit among Apple mobile devices with the National Health Service. And although Apple's encryption scheme comes up short in the study, researchers give a nod to the devices for their potential as a tool for clinicians.
The NHS is considering an iPhone app for access to its patient administration system, making the information available at the point of care. IT service consultancy Atos Origin Alliance, working on behalf of Dumfries and Galloway NHS Trust, says attackers might be able to view some patient data due to a weak implementation of disk encryption. Specifically, the 8-gigabyte iPod Touch supports no encryption mechanism, the report finds, meaning that data on the device could be accessible.
IPods having more than 8 gigabytes of storage, however, as well as iPads, and the iPhone 4 models, now include a hardware encryption accelerator.
The operating systems on the i-devices had supported disk encryption since the iPhone 3GS, and iPads, iPods larger than 8Gb and the iPhone 4 models now include a hardware encryption accelerator. However, the 8Gb iPod Touch does not support an encryption mechanism, meaning data on the device could be accessible.
Researchers note another area of concern: Apple's orientation of the i-devices for commercial use causes some problems in the healthcare environment. In the quick-closeout feature available via the home button, for example, the system takes a screen shot that could leave data vulnerable.
On the plus side, a remote wipe function lets users remove data using a website if the device is stolen.