Identos helps developers secure medical apps

By Rosie Lombardi

Mike CookA multitude of developers are working on mobile medical apps that could make life easier for doctors. But many are languishing because building the bullet-proof security needed is complex and time-consuming.

Toronto-based Identos has tackled the issue by developing a mobile security solution for healthcare that can be easily incorporated into any software, from small mobile apps to big hospital systems. “We have customers who had already built the security component themselves but then they switched to us,” says Mike Cook (pictured), president of Identos.

“We build a beautiful trail of data compliancy for the healthcare organization to leverage,” adds Cook. “They get good visibility of what was accessed on mobile channels once the data gets out of their data center and onto a mobile phone.”

A range of organizations in Canada and the U.S. are already using Identos’ high-end encryption solutions, he says. “Most recently, we’ve secured a major Toronto hospital. They’ll be using the platform to demonstrate their first mobile application that allows patient and institutional engagement to take place. This is expected to drive down costs and eliminate a legacy paper-based process for them.”

The company is also working with small developers. “We’ve already partnered with some universities. And we’re now making our product available as a low-cost, fast offering for smaller startups so they can get fully-secured products to market a little more easily. We actually videotaped a developer building end-to-end encrypted security into their app using our technology – and it took less than four hours.”

Cooks says Identos used the security technology industry’s best practices in developing a high-functioning encryption infrastructure to manage digital identities – and then went a step further. “What we do that’s different is we wrap this complex infrastructure into a software development kit for applications that’s easy to use and easy to integrate.”

Without Identos, many companies that don’t have the resources to build complex security have to resort to offering a ‘Web-like’ experience. “This means you don’t allow any healthcare data to go onto mobile devices, so instead of having a fast and efficient ‘native’ app running right on the device, you get a more time-consuming Web-like experience. You have to fill out data in a progressive form versus a native app where you can go in and out of various screens to access and manipulate different data fields more fluidly.”

In addition, many hospitals have ‘dead zones’ without Wi-Fi access, so native apps allow mobile users to access data offline. “There are lots of cases where you need data resident in a local device in order to be able to use it in when you don’t have connectivity.”

Identos is flexible and allows developers to decide how much risky data they’re willing to store natively on the device in accordance with the privacy policies they select. “Our encryption key management platform allows the developer or the account holder to set policies for how the data is to be managed to determine the level of risk and convenience that suits them. A very risk-averse privacy officer would never let data stay on a local device, for example, and a less risk-averse privacy officer would let data stay there for a certain amount of time.”

Cook says the company has been growing steadily over the past two years since Identos was launched, but he’s expecting a growth spurt this summer. “For now, we’re the only game in town, offering a very simple encryption service to developers. We’ve got a large uptake of small developers and startups in the healthcare space. And we’ll likely continue to get one to two larger healthcare organizations per month jumping onto our platform over that period of time.”

Looking towards the future, Cook says the company is making play to extend its platform to the Internet of Things (IoT) security, and identity management which will allow Identos to offer solutions to enter this space. Security is a new and growing concern for Web-enabled devices such as pumps, monitors and other devices used in hospitals.

“Managing the security and identity of those devices is where the next wave of improvement in our healthcare environment and cost structure will come.”

For more information, visit