MomConnect Security Findings and Recommendations

PDF document icon MomConnect Security Assessment Report FINAL_tr-17-231.pdf — PDF document, 1,029 kB (1,054,548 bytes)

Author(s): Annah Ngaruro

Year: 2017

MomConnect Security Findings and Recommendations Abstract:

The U.S. Agency for International Development-funded MEASURE Evaluation—Strategic Information for South Africa (MEval-SIFSA) project and other partners have provided support to the South African National Department of Health in the implementation and rollout of the MomConnect mobile health intervention since its launch in August 2014. As part of this support, in 2016 MEval-SIFSA conducted a system and data assessment to assess the MomConnect system’s compliance with the existing legal requirements for data privacy and security best practices, identify any vulnerabilities, and assist with identifying and addressing vulnerabilities. This security assessment was conducted by a Certified Information Systems Security Professional using a step-by-step process that included extensive questionnaires, in-person assessment and examination, and the use of automated security testing tools.

This report discusses the assessment purpose, process, and results, and it presents the implementation recommendations identified. These recommendations, regardless of priority level, have been categorised as short-, medium-, and long-term action items to help guide the implementation process.

Filed under: MomConnect , mHealth , Mobile technology