01-09-13 | Blog Post

mHealth Security: A BYOD Case Study Excerpt from Our Mobile Security White Paper

Blog Posts

Mobile device use in the workplace, or BYOD (Bring Your Own Device), presents its own benefits and challenges within healthcare organizations. Interoperability, cost, security and usability are just a few of the issues healthcare CIOs find themselves faced with.

The healthcare BYOD case study below is an excerpt from our newest white paper, Mobile Security, covering all aspects of mobile device, application and data security.

One successful example of implementing a compliant BYOD (Bring Your Own Device) environment was presented at Online Tech’s Fall into IT 2012 technology seminar. Kirk Larson, Vice President and Chief Information Officer (CIO) at Children’s Hospital Central California, explained how he leveraged a virtual desktop infrastructure to integrate mobile device use seamlessly into the hospital’s workflow.

Who: Children’s Hospital Central California, a 348 bed pediatric hospital in California’s Central Valley, with a medical staff of 525 physicians practicing in over 40 subspecialities. The hospital is one of the 10 largest children’s hospitals in the U.S. Children’s performs more than 11,000 surgeries a year and sees more than 67,000 emergency room visits annually.

Technical environment: Children’s environment runs Dell, VMware, NetApp, Cisco, and manages .5 PB (petabytes) of data, 10,000 network elements, 8,500 user accounts and 300 servers. Like most operations, they are a Microsoft Windows shop, Lenovo, HP, Panasonic, etc. On the application side, the hospital uses Meditech 5.65 client/server, and is meaningful use stage 1 certified. They use Lawson for their ERP (Enterprise Resource Planning) and Picis in operating rooms.

Electronic healthcare system implementation: In 2011, the hospital went live with Advanced Clinical Systems (ACS.) This included electronic nursing documentation and CPOE (computerized physician order entry). This fundamentally changed the way care was delivered and changed requirements for ITS (information technology services) based on an increase in both users and different devices.

Virtual Desktop Infrastructure: The hospital had three concerns: the security around mobile devices; the exponential increase in number of clinical users; and resource effectiveness (how to best leverage the resources they already have, and the resources they will require over time.) Children’s decided to leverage their virtual desktop infrastructure (VDI) to support these concerns. The hospital was one of the first hospitals in the nation to use VMware View Client for iPads, which allows for secure access to a virtual desktop with the ability to deliver services from your cloud.

What are some BYOD issues?

  • Multiple device preferences – From tablets to laptops to smartphones, different employees use different types of devices for different purposes.
  • Different applications works differently with different devices – Not all vendors have caught up with the capability of today’s mobile devices. Using tablets in healthcare is good for static data review (i.e. x-rays,) but if tablets are relied on for heavy data entry, the screen and keyboard may not be the best device for the task.
  • Different workflows – A dietician may favor an iPad because he or she is reviewing data instead of entering data. An iPad’s design allows for ease of viewing images and data, despite not being suitable for extensive data entry.
  • Cost – The initial reaction is that there will be cost savings in buying devices, licenses, antivirus software, etc., since people will be using their own. While this is true to an extent, there is additional investment in the VDI on the backend. So, there is a net savings, but there are still costs and the program will not eliminate all devices from the IT budget.
  • Safeguarding of data – Using BYOD, it is essential that data is safe and secure, and should never reside on the actual device. Read more about what HIPAA compliance requires when it comes to HIPAA hosting.

Related Mobile Device and Security Articles:
Mobile App & Manufacturing Tech Fuel Michigan & Detroit Economy
Mobile Security White Paper: Policies, Technology & BYOD
Mobile POS & PCI Compliance
2012 State of Mobile Health IT
Mobile Platform-as-a-Service (PaaS) & HIPAA Hosting

Overwhelmed by cloud chaos?
We’re cloud experts, so you don’t have to be.

© 2024 OTAVA® All Rights Reserved