My father had a cellphone before most people had even heard of them. I remember his proud face that day in 1991, when he came home brandishing what appeared to be a sturdy, oversized briefcase, and announced that we were now a mobile phone-owning household.

I remember the thrill of leaping into the car to drive the 10 minutes to my grandmother's house. Halfway through the journey, we heaved the phone out of its case and dialed her number. "Can you hear me? It's us! We're en route! Yes, IN THE CAR!" It was an exciting moment. But a week or two later, the unwieldy nature of this hefty device, and the lack of anyone else using one, rendered our new phone nothing more than a novelty. With no particular use for it, the whole kit was relegated to the cupboard, and we spent the next decade on our landline.

The creep of the cellphone in my city coincided with the millennium. One day nobody had one; the next, every person on the street had a phone attached to their ear. I succumbed to peer pressure: Suddenly, with all my friends sending text messages, I could see a use for the cellphone after all. But it certainly didn't have anything to do with health. Well, nothing good, anyway. There was a lot of talk about the unproven risks that people feared cellphones might pose to health: cancer from phone masts, brain tumors from holding the phone next to your brain, interference with hospital equipment... I even published a paper about how cellphones could turn off defibrillators at close range, that was subsequently cited regularly in hospital policies on the subject. Cellphones were generally accepted as a potential health hazard, but nobody ever suggested they could also be the opposite.

It turned out that again I was too quick to judge utility and relegate cellphones to the back of the medical supply closet. It has been fascinating to see the evolution of mobile devices in health care over the last decade. At Friday's roundtable event hosted by the Office of the National Coordinator for Health Information Technology at the Department of Health and Human Services, a gathering notable for its profusion of bowties and smartphones, I heard from the doctors who use mobile devices in practice to improve patient care. They are using them to communicate with patients, view health records, diagnose X-rays, schedule appointments, issue reminders, make referrals, prescribe medication, monitor diabetes, calculate body mass index, identify medication interactions, check the latest evidence, and prescribe health information. Cellphones are being used in prevention, diagnosis and treatment, from prenatal to the last years of life, right across the spectrum of care. In health and development, "mHealth" (short for "mobile health") is the new black.

But is safety keeping up with technology? My 2003 publication on how cellphones interfere with hospital devices is as outdated as the cellphones it describes. People aren't worrying anymore about whether their cellphone might turn off their heart monitor; they're worrying about who might be able to see the information on that monitor. Or their blood results. Or their diagnosis. Or their identity. Data security was once something that the librarian took care of with a shiny key that locked the medical records office in the hospital basement. Now, it's digital, and a physical lock can't protect these records. The question is whether anything can.

The speakers at the event focused on the current mhealth dilemma: We want to free the data, and we need to keep it secure. Doctors, nurses, and patients want to be able to use the new technology and access the data to innovate and drive up safety and quality of care for patients, but to keep it secure that data must be protected with the digital version of the librarian's shiny key. The real risk is that in the zeal to innovate, mHealth users are outpacing vendors' mHealth security solutions and health care organizations' governance procedures. Innovating to achieve the right levels of security is a critical next step in mHealth, and security is one of the key barriers to officially sanctioned progress.

However, according to Friday's speakers, health professionals and patients alike are already starting to compromise on security to access the potential -- emails, text messages, apps, and more. While there are plenty of secure solutions out there, some are as unwieldy and expensive as my father's first cellphone, and for many vendors of mHealth tools, regulating to demand their use is the equivalent of shutting the door after the horse has bolted. The mHealth tools are already too ubiquitous and too useful, and there are too many competing interests to be able to impose high levels of security on them all. But health organizations can work with governments, regulators, health professionals and industry to demand, develop, and contract for that virtual librarian's key that will keep health information safe on their platforms, and in doing so, enable larger scale, secure mHealth innovation. And as the solutions become cheaper, simpler, and more convenient, and higher levels of security become the norm, perhaps this will create new expectations and the market will nudge more and more mHealth vendors to drive up their security provisions in a way that regulation alone may struggle to achieve.

While it's important to keep things in perspective (paper medical records are at least as susceptible to getting lost as digital records, as any librarian will attest, and sharing them by fax or post is hardly failsafe), a lot of people could be accessing your personal information through digital channels, without your knowledge, much less your permission, with all sorts of incentives for doing so.

My father has started using a random app on my mother's iPhone to monitor his body mass index and decide whether to skip that chocolate bar. Unless otherwise agreed, that information should be strictly between him and the chocolate bar. But is it?

For more by Dr. Layla McCay, click here.

For more on health care, click here.

Follow Dr Layla McCay on Twitter: www.twitter.com/LaylaMcCay