Tag: BYOD

How Mobile Containerization Can Simplify and Improve Patient Care

Paul McRae
Paul McRae

Guest post by Paul McRae, director of business development, healthcare, AirWatch by VMware.

The evolution of mHealth has caused a dramatic increase in the use of mobile devices across the healthcare landscape. Mobile innovations are now positioned to vastly improve both the quality and quantity of the lives of human beings. New technologies and applications are helping organizations lower costs and provide higher quality service to patients. Mobile deployments in the healthcare industry enable clinicians and healthcare IT professionals to access medical records, diagnose illness, integrate with existing providers, enhance patient engagement and improve EHR interoperability.

As EHRs and the growth of deployed mobile devices and apps become increasingly popular, the need for mobility management and security is paramount. To embrace mobility, healthcare organizations must provide secure, easily accessible apps for staff and IT departments must manage devices while remaining HIPAA compliant and protecting patient records.

Enter containerization, an emerging class of management tools that carve out a separate, encrypted zone on the user’s smartphone within which corporate apps and data can reside. Policy controls apply only to what’s in the container, rather than to the entire device.  Mobile containerization offers a way for hospitals to securely deliver apps and data to clinicians without interfering with the users’ ability to access their personal content.

Currently, the end user is divided into two separate personas – the personal and the corporate. Duality provides two different levels of security for very different forms of information present on a device. For example, the corporate security measures might require compliance with federal or HIPAA regulations, a form of monitoring that would be seen as invasive to employee privacy.

Mobile platforms are beginning to integrate containerization into their frameworks, which allows for more secure and tighter amalgamations of data with their corresponding operating systems. OEM’s are placing containers for work use with the underlying OS for greater efficiency, better feature support and improved user transparency. This embedded form of containerization allows IT to maintain consistent security policies to mitigate threats on every mobile device, from smartphones and tablets to laptops, peripheral devices and emerging machine to machine (M2M) technologies.

Containerization allows healthcare organizations to remain compliant with the stringent security requirements they must meet, while providing employees a consistent user experience across multiple platforms. However, each mobile operating system presents its own security challenges, such as Web-based malware or the ability to download apps outside of designated app stores. Securing corporate information that has been accessed on personal devices from applications and content repositories remains a major challenge, especially to ensure data loss prevention (DLP) if the device is stolen or the employee leaves the organization.

Continue Reading

Survey: Top Concerns for Healthcare IT include Data Growth, Bring-Your-Own-Cloud

Jay Savaiano

Guest post by Jay Savaiano, director, worldwide healthcare business development, CommVault.

Healthcare professionals are inundated with an abundant amount of ways that they can access and store clinical data. Healthcare IT departments are given the task of making sure the delivery of that clinical data is readily available and can be accessed via a myriad of devices, as well as in a secure manner that meets the compliance standards that the entire enterprise has agreed on upholding. The deluge of data and the ever-changing ways that the data is accessed is creating some major challenges and concerns for the majority of professionals who are responsible for managing the nation’s healthcare information stream.

In a recent nationwide survey of healthcare IT managers in enterprise organizations, 75 percent of respondents – up 14 percent from last year – indicated they were concerned about the protected health information (PHI) residing in Bring-Your-Own-Cloud (BYOC) solutions, such as Box or Dropbox. A large number of BYOC solutions even offer the first 2GB of storage for free, which may speak to their popularity.

Savaiano survey pictureToday, smart phones, tablets and computers that have helped proliferate the popularity of “Bring-Your-Own-Device” programs all come out of the box with some sort of free cloud-based storage solution. Though Intel and ReadWrite report that 49 percent of U.S. IT managers “Strongly Agree that BYOD Improves Worker Productivity,” when you couple BYOC with BYOD together and add protected health information to the mix, healthcare organizations can be opening themselves up to a tremendous amount of liability.

With the policies inherent in clinical applications themselves, it is easy to maintain the security of the content, which is often structured and rarely stored locally. However, the challenge revolves around the unstructured data with PHI. For example, if a clinician maintains a spreadsheet of basic patient data and he or she places that spreadsheet in a BYOC-type solution, both the clinician and the healthcare organization are putting themselves in a liable position. Only when cloud-based solutions are authorized by the healthcare facility and meet the organization’s compliance criteria – which can and usually dictates the cloud provider is willing to sign a business associate agreement in support of HIPAA – are the organization and clinician able to limit the potential liability impact. There can still be other factors that create new liability, but by making the limitation of rogue cloud storage a priority, healthcare organizations can better protect themselves against a potential data breach and subsequent lawsuit.

Continue Reading

The Benefits and Challenges of Connected Healthcare

Edward Keiper
Edward Keiper

Guest post by Edward Keiper, president and CEO of Velocity Managed Services.

For physicians’ practices in the 21st century, connectivity is the buzzword. Getting doctors connected to data, patients connected to healthcare providers, and practices connected to networks are just a few of the web-fueled scenarios coming down the pike.

The Health Information Technology for Economic and Clinical Health (HITECH) Act is a game changer and affects just about every aspect of modern medical care. HITECH, part of the American Recovery and Reinvestment Act of 2009, promotes the adoption and meaningful use of health information technology.

As is often the case with a shift this monumental, there are both benefits and challenges of connected healthcare that practice groups will have to address. First, let’s take a look at some of the benefits.

1. Join the Digital Revolution. Just as other industries that went digital years ago, healthcare benefits from the streamlining offered by a networked environment. Clinical interoperability of healthcare IT lowers costs and enhances efficiency by facilitating the comprehensive exchange of health information between care providers, hospitals and patients.  The trend is toward innovation in healthcare as the industry as a whole responds to consumer demands and government reforms.

2. Safety in Numbers. As of 2013, more than 323,000 American medical practices and hospitals adopted EHRs and attested as meaningful users, indicating a 266 percent increase over 2012, according to CMS statistics. However, even with this upsurge in participation, those numbers represent only a small percentage of US hospitals that currently keep electronic records and contribute to the health information exchange. So, while the risk of being an early adopter is largely gone, your practice group could still be near the front of the adoption wave.

3. It’s easier. As you can see from the statistics in the previous point, healthcare IT adoption is in an early phase, and for most practices, there is a lack of centralization. To help elucidate the complexity of the system, look no further than the state of Florida, where there are at least 672 EHR vendors. Connecting health information digitally creates a central database that greatly simplifies the process of storing and retrieving all patient data. It’s like finding the needle in the haystack every time.

Continue Reading

With the Rise of Mobile Computing and BYOD in Healthcare, Protecting Patient’s Personal Health Information Has Evolved into a Complex, Overwhelming Undertaking

Darren Leroux
Darren Leroux

Guest post by Darren Leroux, senior director of product marketing, WinMagic.

Gone are the days where all personal health information solely lived in giant filing cabinets behind a receptionist’s desk or in the administrative office of a hospital. Today, patient data resides everywhere – desktops, laptops, smartphones, tablets and USB drives. Understandably so – given the rise of mobile computing and bring-your-own-device (BYOD) policies in healthcare, the once straightforward process of protecting patient’s personal health information has since evolved into a complex and overwhelming undertaking.

Just the Facts

According to a recent study, 81 percent of healthcare organizations are now allowing employees and medical staff to use their personal laptops and mobile devices to connect to provider networks or access company email. Interestingly enough, the same study found that of that 81 percent of healthcare institutions enabling a BYOD strategy, 54 percent did not believe that those devices were secure enough in the workplace; 65 percent of data breaches reported to the Ponemon Institute occurred on laptops and mobile devices over the last five years — it’s no wonder that more than half of those surveyed aren’t confident in the security of their devices

When we refer to personal health information at risk, we’re not just talking about historical health records – the potential for a data breach casts a much wider net, including patient billing information, clinical trial data and even employee information like payroll numbers. With so much sensitive, unprotected data up for grabs, we’re inclined to ask ourselves – how? How is this significant rise in healthcare data breaches even possible, and how do we stop this from continuing?

Below are the top three gaping security holes in remote healthcare data practices that are answering our question of how is this rise in breaches in possible:

Continue Reading

Medical Apps are Here to Stay: So How Do We Keep the Value and Lose the Risk?

Domingo Guerra
Domingo Guerra

Guest post by Domingo Guerra, president & co-founder, Appthority.

Last year, 2013, was a big year for mobile applications, including medical and health-related apps. As many medical centers have sought to increase patient engagement, improve outcomes and reduce healthcare costs, digital tools, such as iPads, smartphones, online portals and text messaging in hospitals are rapidly becoming commonplace. Smart health tech has gotten serious. Patients and doctors alike use medical apps. Physicians can access symptom checkers, drug information, medical calculators and more via smartphone and tablet apps. Patients can use apps to find doctors, set appointments, order prescriptions, receive test results, track calories, measure their heart rates and even monitor chronic diseases like diabetes. Patients and doctors agree that the immediate feedback and increase in available data will change the face of medicine. But will the face of privacy change with it?

Acquiring huge amounts of personal data from individuals could enable a more personalized and data driven approach to medicine. This is a very seductive concept, based on the implicit assumption that the more healthcare providers know about the patient, from analyzing his or her data, the better (and more customized) care the patient will receive. However, personal data, now collected and collated by the user’s health gadget, will be incredibly valuable to more than just the patient and the provider. Devices, whether they’re Google Glass or fitness wristbands will need to be integrated with newly developed apps, and existing apps will need to be heavily adapted to work properly. These technology integrations can potentially open back doors that allow cybercriminals to enter and extract sensitive data.

The aggregated data gathered from a wearable wristband capable of tracking a user’s heart rate, and expiration rates along with their blood sugar level and, of course, location can offer a truly comprehensive view of a user. Yes, it’s still early in the healthcare wearables space, but it was “early” in the mobile and BYOD spaces not long ago. Just as BYOD has led to security concerns for sensitive corporate data, these new healthcare devices should be a concern for personal privacy. As users are now literally plugging themselves into the Internet, it’s important to remember that cyber attackers can gain details about daily routines, patterns, and lifestyle, as well as location. This private information, tied together in a dossier that can include a user’s location, income, health status, and other attributes such as sexual orientation, could be of interest to many other groups.

Continue Reading

Logicalis: Five Steps To Help You Navigate Healthcare IT’s Roadmap to Success

Ed Simcox
Ed Simcox

Guest post by Ed Simcox, healthcare business leader, Logicalis US.

Healthcare is undergoing a significant transformation today, and so is healthcare IT. As a result, healthcare providers and their IT departments need to brace themselves for change – which is happening faster than they might realize – in five business-critical areas: healthcare IT infrastructure, mobility and BYOD, business continuity and disaster recovery, storage and vendor-neutral archives, and patient portals and mobile applications.

With pressure mounting to meet new regulatory requirements and ICD-10 deadlines, as well as the increased demands being placed on IT departments for interactive communications among patients, providers, and payers, healthcare CIOs need a set of “best practices” to help them navigate this IT transformation and arrive at the data-driven, value-based future of healthcare from where they stand today.

We call this IT transformation a “journey” because it isn’t something that happens overnight. This is a multi-stage process requiring significant evaluation of not only IT systems, but also of what the future workflows and business processes will be and how healthcare providers, patients and payers can all seamlessly share time-critical data. It’s a journey that is taking healthcare IT to the new levels of IT sophistication needed to support a substantial business change from volume to value, and there are five important milestones that every healthcare IT department is going to have to tackle along the way.

HIT Infrastructure — Of all the technical capabilities healthcare IT professionals are being asked to master today, the key is an ability to rapidly adapt to change. As a more technology-oriented generation of doctors and tech-savvy patients take their place in healthcare’s future, IT is going to be drawn increasingly into the actual delivery of health services. As a result, healthcare IT professionals won’t be spending the bulk of their time caring for their IT infrastructures. The good news is that if the IT infrastructure is transformed from today’s siloed systems into a virtualized, automated IT-as-a-Service resource, then the IT department will be able to focus its efforts directly on using technology to help doctors and nurses care for their patients and allowing patients to electronically manage their own care and wellness.

Continue Reading

Data Breaches of Protected Health Information Will Get More Frequent in 2014

Michelle Blackmer

Guest post by Michelle Blackmer, director of marketing, Healthcare, Informatica.

The volume of protected health information (PHI) in electronic form is exploding – both from the wholesale move from paper charts to electronic health records for capturing clinical data and with the proliferation of new sources of electronic data from networked medical devices. Additionally, IT staff have been overwhelmed by regulatory mandates, rampant technology changes (e.g., virtualization, BYOD, big data), massive application projects and flat or decreasing budgets.

This increase in electronic PHI combined with the challenges for health systems IT make it even more important for providers and non-providers to find efficient ways to secure their data. However, with malicious activity showing a consistent upward trend, absent a change to an almost maniacal leadership focus on protecting patient data and the deployment of available tools and processes as an organizational imperative, 2014 will bring even more frequent and larger breaches of PHI.

Current data security climate

Even still, many healthcare organizations are not taking the necessary steps to reduce the proliferation of unprotected PHI in non-production test and development environments. Ninety-four percent of respondents to the third annual Ponemon Institute Benchmark Survey on Patient Privacy and Data Security had at least one data breach in the past two years, and 45 percent reported having had more than five total incidents each. Even more surprising is that the leading cause for a breach is a lost or stolen computing device that houses PHI.  The survey also found that:

Continue Reading

Bringing mHealth to Rural North Carolina with Video Conferencing and BYOD

Guest post by Garrett Taylor CEO of Uplift Comprehensive Services.

My organization, Uplift Comprehensive Services (residential services) is fully involved in “mhealth.” We use mobile high-definition video conferencing, which allows our doctors and clinicians to care for patients in geographically remote areas of North Carolina, and gives them full access to electronic health records and an easy way to collaborate each other. Along the way, we’ve improved patient service, enhanced productivity, and cut travel and office costs.

By combining video conferencing technology with a bring your own device (BYOD) mobile strategy, Uplift saves at least $500 for each scheduled physician visit. The thousands of dollars we save each year can be used instead to find grant opportunities for better patient care.

It’s not as hard as you might think to use video conferencing in a mhealth strategy. What follows is an explanation of Uplift’s mobile video conferencing approach.

Uplift Comprehensive Services has been in business for 12 years, covering 15 counties across North Carolina. We offer community-based assistance for children, adolescents and adults, with services substance abuse prevention to mental health treatment. Our treatment options include multi-systemic therapy, outpatient therapy, and medication management, among others. Continue Reading