Securing Mobile Healthcare Apps

Data Theorem helped Wildflower identify and close 73 security issues and remove 11 harmful third-party libraries, all before releasing its apps to the public app stores.

Wildflower
Industry: Healthcare
Location: San Francisco, CA

The Company

Wildflower supports families during every life stage, from preconception and pregnancy, through pediatrics and adult health, supporting common episodes of care over time. Wildflower’s software is highly configurable for health enterprise clients to reflect their health services and benefits, creating a highly personalized experience for application users. The company’s applications are offered to consumers worldwide by leading health plans, hospitals, and employers. Wildflower connects patients and other end users to their available resources through their health plan, employer, providers and the local community, for better outcomes and better economics.

The Challenge

Wildflower serves tens of thousands of users who make millions of updates to their family health information on a monthly basis. The Wildflower development team was facing both regulatory compliance and customer demand issues, as their applications process extremely sensitive HIPAA-regulated data. Wildflower adds approximately one major partner each month, and each partner requires proof of security that their members’ information will be kept safe. Wildflower Health partners with insurance companies, major medical facilities, and others requiring a full audit to ensure security is in place for all mobile applications being used across the board. Before Data Theorem, this time-consuming and expensive process often caused delays with partnerships and interrupted their normal flow of business.

Past Alternatives

Before Data Theorem, Wildflower Health worked with insurance companies to support compliance requirements issued by their customers who are major medical facilities. These medical facilities required a full audit to ensure security was in place for all mobile applications being used across the board. This time-consuming and expensive process often caused delays with new opportunities and partnerships, thus interrupting their normal flow of business. Hiring third-party consultants for security audits was an outdated approach that did not provide the continuous daily assessment capabilities to keep Wildflower Health apps compliant and ensure their customer data remained private.

The Solution

Wildflower Health uses Data Theorem App Secure, a mobile application security solution, to meet contractual requirements for information security. The platform gives Wildflower Health 100 percent security coverage of all their mobile apps, which in turn provides patient users, healthcare partners, and healthcare providers with the peace of mind that private information is secure. App Secure performs static and dynamic analysis on all iOS and Android applications in search of security vulnerabilities and privacy gaps, helping to uncover static code issues, dynamic run-time flaws, vulnerable third-party SDKs, insecure open source libraries, and compliance gaps for PCI, GDPR, HIPAA, and FTC.

The Results

Data Theorem immediately helped Wildflower Health by mitigating several security issues, with 24x7 scanning of mobile applications and their backend API services. Reviews and audits are typically done by large tech vendors and insurance companies. Data Theorem has accelerated their review process by providing up-to-date information on application scans and code details, such as how Wildflower Health monitors source code. Through the Data Theorem portal, Wildflower's IT team stays ahead of the audits and corrects any modern AppSec problem that arises.

During the AppSec review process, Wildflower Health can confidently refer to Data Theorem and pull out any immediate data or reports requested. Data Theorem allows Wildflower Health to quickly provide the evidence their partners require. By using Data Theorem, security issues are proactively corrected and made available across the dozens of apps that Wildflower Health supports.

Statistics

PERCENTAGE OF APPS SCANNED INCLUDING PRE-PRODUCTION: 100%

OVERALL SECURITY ISSUES RESOLVED AND CLOSED: 73

HARMFUL 3RD-PARTY LIBRARIES REMOVED: 11

DELAYS AVOIDED FROM APP STORE SECURITY REQUIREMENTS: 14

Data Theorem is a cornerstone of our security compliance practices in a highly regulated environment. With Data Theorem we have never failed a security review.