Today, healthcare facilities are striving to do more with less. One of the tools helping them to accomplish this is mobile. Terms like BYOD, Mobility, and Big Data are making their way into the HIT stratosphere, but creating a mobile workforce is more than just buzz. Government incentives around meaningful use, have emphasized the importance of “going mobile.”
As early as 2009. thought leaders from the Healthcare Information and Management Systems Society (HIMSS) were communicating the benefits of mobile healthcare toward recruiting new graduates and experienced personnel, retaining current staff and improving their performance, as well as optimizing patient care and improving treatment outcomes. As such, the healthcare community has matured to a point where accepting mobility is inevitable, but facilities continue struggling with the same issue – security.
Becker’s Health IT and CIO Review sited privacy breaches and HIPAA violations among top concerns for healthcare professionals. As a growing number of patients and providers rely on access to personal health information (PHI), through healthcare databases and monitoring devices, the volume and risk for unauthorized access grows.
Breaches often occur due to inconsistent device security, encryption methods, public cloud services, and employee negligence. It’s estimated that, in 2014, the healthcare industry spent 5.6 billion dollars in recovery from data breaches – affecting nearly 90% of providers nationwide. And while organizations continue to modify their IT ecosystems, the need for secure mobile solutions to be offered to clinicians has become more apparent.
While there is no “one-size-fits-all” approach to mobility, here’s a look at what we believe are some of the key features for keeping your mobile environment secure:
- Look for mobile apps & platforms built on a native operating system (ex. iOS, Android, Window 8). Web-based solutions can be appealing, but native applications leverage a device’s build-in security protocols.
- Avoid solutions that allow PHI to be stored to the device. This may be a case of selecting the mobile device management software that’s right for you, but apps that allow access to hardware controls, like screen capture, expose organizations to added risk.
- Select tools that compliment your existing security protocols, across devices and databases. Also, look for systems that enhance your current security through unique privacy settings, user permission, and authentication methods.
- Standardizing mobile data entry and processes will help reduce human error. For example, if your solution has a database write-back feature, like miVEDIX, you may not want to have your notes section be unstructured. When possible, work with your solution provider to defined notes that can be universally applied to electronic health records.
- Seek out an “on-premise” technology. In the case of highly-confidential data, this allows all your information to reside privately inside the firewall. As a result, mobile apps will only work on devices connected only to the client domain, inside the firewall, or though a trusted VPN connection.
Finally, it goes without saying. If you’re looking to hire an outside organization to build your mobile healthcare solution, be sure that their staff is HIPPA certified and understands their responsibilities in handle PHI and other sensitive health information.
What do you look for in a mobile healthcare solution? Did we miss anything? Interested in our healthcare solutions? Visit http://www.ivedix.com/mobile/solutions/healthcare/