Health care and mobile man-in-the-middle risks: Guidance for HIPAA-covered entities