More than 60 percent of healthcare data breaches occur due to the loss, theft, or misuse of portable devices. Using a common application programming interface across applications and platforms to build and enforce object-level controls in information itself can help providers better protect ePHI and other types of digital data. Information objects can be engineered to be decrypted only when a legitimate user on a known device using an approved application opens them, and to control what the user can do with the information.