Patients are not the only ones who will become more engaged as mobile devices continue to infiltrate healthcare; physicians, too, are reaping the so-called rewards.
As the debate continues to rage about the efficiencies created when EHRs are used in a practice setting, there seems to be little argument as to whether tablet PCs, smart phones and even applications like Skype actually improve the business of communication and interaction with patients and their physician partners and physicians with their colleagues.
A physician whom I very much respect, Dr. David DeShan, is one such physician who communicates with patients and colleagues via Skype from his mission outpost in Moscow, Russia.
Spending weeks at a time in Russia each year, he also maintains his status as a partner and practicing physician at a growing OBGYN clinic in Midland, Texas. As an early adopter of the virtual visit, DeShan is able to maintain contact with his patients if they need a consult, and he’s also able to maintain his connection to his practice so he can check labs, review diagnosis and provide counsel to his practice mates should they request it.
By his own admission, he works a full-time practice schedule from abroad in addition to his full schedule as the leader of a major international mission. By partnering Skype and his EHR, DeShan is essentially a full-time practicing physician without a need to be restricted by the brick and mortar location of his practice. At the same time, he’s able to dedicate himself to his medical mission work in Russia and serve individuals throughout the world’s largest country in places that would never receive even the most primitive of care without him and his network of medical volunteers.
But, I digress. I’ll save DeShan’s story for another day.
The point I’m trying to make is in support of CDW Healthcare’s article “Momentum Surges for mHealth,” which cites a recent IDC Health Insights observation that shows clinicians use more than six mobile devices in the care setting each day.
Accordingly, as the mobile world continues to open new opportunities in all aspects of life, physicians, like all of us, know that they will come to rely more on these devices to practice, communicate and collaborate.
Clinicians and practice leaders continue to embrace the devices in the care setting, and they expect practices to allow them in their work. When technology delivers upon its promise and actually makes life easier, it is obviously going to be supported and used, like DeShan has done with Skype.
The technology helps him bridge gaps and essentially eliminate a half-the-world-away gap between himself and his practice. But, in some places, there are policies in place to inhibit this type of care offering. (Policies in opposition to this type of approach should be considered archaic and simply regrettable.)
The CDW piece goes on to state that according to a University of Chicago School Medicine study, providing tablet PCs to residents actually reduced patient wait times in hospitals. Likewise, the study found that the same residents did not have to look for an open computer for medical charting and actually allowed the residents to spend more time with patients.
Novel concept. Technology working as promised. Not so unbelievable when spelled out so clearly as this.
As I said, mobile health will continue to grow in popularity. If internal policies are not supported and encouraged, you’ll quickly find yourself in a BYOD environment, which is not such a bad thing.
In fact, if it develops or if you’re unable to support your own internal mobile device initiative, set some rules and let it bloom.
According to CDW, “You need to establish and enforce policies for mobile users including setting up passwords, separating personal from corporate data on devices … and you need to educate users on how to securely use mobile devices.”
When managing a population that’s more likely to use or own a mobile device like a tablet PC than the rest of the consumer population, the infiltration is well underway so it’s time to begin reaping your mobile rewards.
Given the increasing popularity of mobile devices that continue to proliferate all areas of our personal and professional lives, clearly personal devices are going to show up in business settings and will be used to disseminate information with internal and external stakeholders.
Even if not an official piece of technology authorized for use in the workplace, their ease of use and availability make them attractive and affordable tools in the professional setting. Though most personal mobile devices not provided by an employer are allowed by employers because organizational leadership believes they lead to more productive employees who are “always on.”
Healthcare is no different. Mobile devices allow physicians to stay connected to their practices, like employees of all other businesses, and where available (as in, practices with systems that support mobile integration) connected devices allow care to be virtually administered from nearly anywhere. In the very least, notes and patient records can be reviewed while the care giver is out of the office or on call giving said care giver a head start on the case should a call come in.
On the other hand, savvy practices are realizing that some patients understand the value of mobile health. Practices are encouraging their employees to interact with patients using portable devices in the care setting. Patients who value mobile technology consider their providers innovative and ahead of the proverbial curve. Sometimes personal mobile devices may be used to accomplish this goal.
However, there are clearly inherent risks involved with blindly and openly accepting the use of personal devices in the workplace that many small businesses simply choose to ignore or overlook. Not because they feel invincible, but most likely because they just don’t know or understand the risks.
Jerry Irvine, CIO of Prescient Solutions — an IT consultancy — points out in a recent editorial for Firmology.com that the most prevalent security risk of mobile devices is that they will be lost or stolen.
According to Irvine, if a smart phone, for example, is stolen, all of the information on it is available to whoever holds it. In most cases, the personal phones don’t have identity-related security benefits to protect the information meaning all personal and business information can be accessed.
As Neil Versel tells in his recent piece, the devices, at some point will go missing. When they do, most affected organizations have little or no plan to prepare for the possibility that the information will be used maliciously. The obvious risk here, in healthcare, is the exposure of patient’s personal health information, cases we hear lots about when they occur.
Offering advice to businesses without a BYOD policy, Irvine provides a nice succinct list of musts that organizations allowing employees to BYOD must consider. Picking some of the high points here, you can see the complete list at the link above.
First off, Irvine suggests requiring and maintaining complex passwords to access the devices.
Next, create a separate encrypted container for business applications and data and don’t allow the same email application to access both personal and business emails.
Set up a registration and provisioning system for the devices that allows for monitoring, remote application installation, locating and wiping of company data. Irvine says, “Use the system to remotely install all company applications as well as mobile device systems updates, patches and security fixes.”
Also, make sure to install antivirus and malicious application scanning solutions keep the devices clean, and disable its ability to access public Wi-Fi networks. Hackers can pirate networks and surf for information though unprotected devices of unsuspecting users. “Allow only known secure networks to include the user’s home network and the company network,” Irvine says.
Perhaps one of the most important steps is to require that all maintenance, updates and disposal of devices be done by the company or authorized vendors who follow specific security requirements. More information than you’d like to think gets swiped while your device is in the shop and you never know.
Finally, don’t allow enterprise data to exist on a personal device, and educate all users on the secure appropriate use of mobile devices. Once you’ve done so, get them to acknowledge and sign an appropriate usage policy.
These steps may not protect you from every incident, but they do create a foundation for what may be an otherwise unscripted and unregulated program. And, putting these steps in place lets your employees know you encourage an environment where initiative and innovation are accepted, and perhaps even rewarded.