Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

BYOD: Implications for healthcare

Tirupathi Karthik, CEO, Napier Healthcare | June 20, 2014
As hospitals and healthcare companies ride the massive mHealth wave to efficiency, they will inevitably need to address the increasing demand for BYOD from employees

However, there are a few caveats that must be addressed even as BYOD adoption accelerates.

According to Gartner, three of the most critical issues are corporate governance, mobility management and security. Inadequate focus on these imperatives can only lead to BYOD implementation failure.

In particular, the privacy of patient information is paramount and non-negotiable.

1)      Device Security. Having access to such information through personal devices means extra measures must be taken to prevent unauthorised access. Device security, in terms of encryption and access controls, is critical.  It is critical to deploy the right technology to prevent any malicious attempts to tamper with or alter medical records from outside of the hospital. However, these measures must not be so onerous as to defeat the purpose of flexibility and ease of use. Some hospitals allow read-only access for medical records from outside the office but the read-write access is available when the device is within the premises.

2)      Network Security. On a related note, there must be security of data as it gets transmitted through the public network. Virtual private networks, for one, can work wonders in this case. Two-factor authentication adds an even stronger layer of security and it can also be used where needed. In the US, stringent regulation ensure that records are transmitted only in the secure communication mode coupled with data encryption.

3)      Infection Control. Finally, unique to the hospital environment is the issue of infection control. Equipment must be properly sterilised, particularly in high risk areas - This means ruggedisation of  devices to adapt to the usage and practices prevalent in the clinical environment.

Whichever system is chosen, the solutions and consulting methodology must be compliant with the Health Insurance Portability and Accountability Act (HIPAA). The HIPAA Security Rule requires that healthcare providers set up physical, administrative and technical safeguards to protect the electronic health information with safety measures such as access control to the information and encryption of the stored information.

Conclusion: Adopt BYOD in conjunction with specific initiatives

Despite these challenges of integrating unofficial hardware into the hospital ecosystem, avoiding BYOD is not an option, given the many positive benefits that accrue. Yet it must be approached with proper care. By purposefully introducing key technologies like security and ruggedisation, many of the challenges can be mitigated or even removed, and more importantly, the benefits realised.

 

Previous Page  1  2 

Sign up for CIO Asia eNewsletters.