Quantcast
Channel: Blogs » Solutions
Viewing all articles
Browse latest Browse all 10

BYOD in Healthcare

0
0
BYOD, or Bring Your Own Device, is a topic of communication and connectivity that touches organizations across markets and across verticals from finance to manufacturing to healthcare. Adoption of mobile devices at the workplace has rapidly increased because of their ability to support multiple functions. Since the early days of simple phone calls and text messages, mobile device capabilities have expanded to include so much more. For example, for clinicians, these functions include drug reference apps, electronic medical record (EMR) access, critical test result notifications, code alerts or secure communications with colleagues. The question arises here for both hospitals and health systems are whether to supply these devices or allow clinicians to use their own.

Creating a successful BYOD environment takes time, careful planning, and thorough execution to maintain the integrity and security of the patient information being accessed and shared on mobile devices.
A successful BYOD policy needs to address the people, the processes and the technology. It should clearly outline what behaviors are expected and accepted, and what the penalties are for non-compliance.
From an IT perspective and when designing a BYOD policy, especially in a critical vertical like healthcare, the big question for employers and employees generally include
  • 1. Decision making
  • 2. IT support (If they use it, will you support it?)
  • 3. Expense allocations (Who pays for what?)
  • 4. Access (What is effective and acceptable use?)
  • 5. Security (Is it safe?)
Though the questions above apply across industries, there are regulatory requirements that make security an especially important consideration for the healthcare vertical.

How is the decision taken?

Once a physician group, clinic or hospital has decided to implement BYOD, a formalized policy needs to be drafted in coordination with multiple departments.
Clearly defined set of governing rules are recommended to be crafted at the outset to prevent misuse of personal devices that could jeopardize the security of patient information as also make the institution vulnerable to security breaches and fines.
Inputs should be taken from BYOD participants to understand how devices are used, what systems they need to access, and the potential risks. HR is responsible to outline and enforce punitive measures in the event an employee misuses the device and/or patient information. Administration coordinates both approvals and the budget. And the IT team is responsible for assessing the risks, determining what tasks should be performed on a mobile device, ensuring the technical implementation, and deciding what support they are expected to provide or otherwise.

What is THE role OF IT in BYOD?

IT support implies two critical aspects in a BYOD scenario-which are the devices for which IT will provide the apps and enterprise access, and what is the level of help available for end users to register their device, install apps, troubleshoot problems, etc. Lack of support can cause user frustration, create security risks if information protocols are ignored, and might even delay patient care because of disruptions to network access or important system integrations.
Part of the challenge for IT teams with a BYOD policy is the variety of device types and platforms that employees wish to use. Which ones will be allowed? Smartphones, tablets, laptops, wearables? Apple, BlackBerry, Android?
IT will also need to decide the extent of help to be offered and how to provide it. For example, will the IT team offer assistance for new app installations? What about ongoing support for day-to-day questions on the ability to integrate with certain systems, the use of a hospital-provided app and assistance with lost or stolen devices? Another important factor to be considered by the IT team is the expertise and the number of staff members required to support a BYOD roll out.

WHO PAYS FOR WHAT?

One of the toughest parts of developing a BYOD policy is establishing the expectations of employees and employers around who picks the tab. Users are generally expected to purchase personal devices such as smartphones and tablets.
Then the primary questions are around the data and cellular plans. If the personal device being used is essential to the employee’s job, hospitals might consider covering part of the monthly expense by paying a flat stipend to employees, paying a percentage of the bill, or reimbursing monthly expenses based on actual usage.

WHAT IS EFFECTIVE AND ACCEPTABLE USE WHEN IT COMES TO BYOD?

From the clinician’s perspective, Effective use means devices that help them perform their jobs efficiently by cutting wasted time from a clinical workflow, or making a process easier. Effective use means better care for patients. Acceptable use means enhanced security for Protected Health Information (PHI) and better risk management.
To provide this level of control over personal devices in the hospital, many organizations are on the lookout for mobile device management (MDM) solutions. An MDM solution can help hospitals keep track of all approved BYOD devices, control access to enterprise networks and systems, manage app installations and upgrades and above all offer enhanced security.

IS IT SAFE?

Though desirable, full systems access through personal devices cannot always be granted due to data security concerns. The use of personal, mobile devices raises questions on security: the information being shared, or if it is secure in transit and storage, can it be saved to the device, or is it only accessible through a portal? Hospitals are concerned because the cost to healthcare organizations for a data breach can range from $10,000 to more than $1 million.
For instance unsecured SMS /Texting to coordinate care for patients put physicians and hospitals at risk for HIPAA violations. One answer to help address the risk to patient information is a secure texting application that can be used by physicians to organize messages and alerts based on priority and keeping work-related messages separate from personal notes and spam.
A good secure texting app delivers effective use to clinicians, as well as acceptable use for the facility.

CONCLUSIVE THOUGHTS

BYOD is a long process — from planning through implementation – hence hospitals should start earlier than they think they need to. BYOD best practices are still being developed, but help can be sought from others who have implemented a policy to find out what worked and what didn’t. For instance, hospitals and IT teams should consider working with a consultant that has experience in healthcare communications and who understands the clinical workflows that BYOD needs to support. This consultant can help coordinate staff for input, assist with planning, and even help with solution rollouts and end user training.
Creating a BYOD policy is not a simple task – it takes time, planning, and the involvement of all stakeholders to be both, useful to users and successful at protecting data. Ultimately, easier access to information, simpler communications, and faster collaboration among providers means better patient care.

Viewing all articles
Browse latest Browse all 10

Latest Images

Trending Articles





Latest Images