Healthcare Providers Look at Mobile Device Management But Remain Skeptical
November 26, 2012
By Mae Kowalke
, TMCnet Contributor
Bring your own device (BYOD) is a pressing issue for the IT departments in nearly every company these days. But when it comes to BYOD in hospitals, it gets even more dicey.
"Whatever [IT departments] install can't be too intrusive, and sometimes that can be an issue with MDM,” said Eric Westerlind, author of a recent report about mobile healthcare applications, as reported in InformationWeek Healthcare. “But when you're dealing with patient information, anything that contains data covered by HIPAA needs to be secured, and those devices need to be able to be wiped clean."
Westerlind found that encryption and mobile device management were the top two ways that the surveyed healthcare executives were looking to leverage for data security. This is promising for MDM since encryption already is used widely in the industry, according to the InformationWeek article.
But one size does not fit all for healthcare providers when it comes to mobile device management, and many healthcare organizations are reluctant to use MDM for fear that the latest iteration of mobile devices might not work with the MDM they’ve chosen.
"So you invest in one of these MDM tools and it's working well, and suddenly a new tablet or smartphone comes on the market that the tool isn't equipped to manage,” said George Brenckle, CIO at UMass Memorial Healthcare in Worchester, Mass.
For Beth Israel Deaconess Medical Center, the preferred route was managing e-mail instead of employing an MDM.The medical center enforces tight security policies through Exchange ActiveSync since most of its doctors use e-mail as their primary data vehicle. There has been no need for specialty applications for the hospital, just good e-mail security.
But many healthcare providers are looking to protect user data with MDM. The InformationWeek Healthcare article gives a number of technical issues that organizations should consider when selecting an mobile device management policy.
These questions include determining what mobile operating systems need to be supported; whether the MDM will be hosted on the healthcare provider’s network or in the cloud; what e-mail systems clinicians use, and its compatibility with the chosen MDM; whether the MDM is HIPAA-compliant, a non-negotiable requirement; the lock and wipe capabilities of the software; and whether or not the MDM will be used for pushing apps to clinicians.
Whatever is chosen, it is important to realize that not only must strong BYOD security policies be enforced, but it also is important to control mobile application management tools.
"It's not just that you're going to control the configuration on the device; you're also going to control what application can be loaded on that device," said Ken Kleinberg, a health IT consultant with the Advisory Board.
Healthcare organizations need to take a good, hard look at their needs and the potential challenges. BYOD is no light matter when it comes to healthcare yet mobile device management can help these facilities overcome multiple barriers with ease.
Want to learn more about the latest in communications and technology? Then be sure to attend ITEXPO Miami 2013, Jan 29- Feb. 1 in Miami, Florida. Stay in touch with everything happening at ITEXPO (News - Alert). Follow us on Twitter.
Edited by Jamie Epstein