Free EMR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to EMR and HIPAA for FREE!!

HIPAA Privacy Infographic

Posted on November 4, 2014 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

Caradigm, a population health company, recently sent me this HIPAA Privacy infographic. As a sucker for infographics, I had to share. While related to HIPAA, the BYOD data at the top of the infographic certainly paints an important picture for healthcare IT administrators. What data stands out to you?

Privacy Breaches

Data Sources:
http://www.arubanetworks.com/pdf/solutions/HIMSSSurvey_2012.pdf
http://www.pcworld.com/article/250642/85_of_hospitals_embrace_byod_survey_shows.html
http://apps.himss.org/content/files/FINALThirdAnnualMobileTechnologySurvey.pdf
“Fourth Annual Benchmark Study on Patient Privacy and Data Security.” Ponemon Institute. 12 March 2014.
http://www.redspin.com/docs/Redspin-2013-Breach-Report-Protected-Health-Information-PHI.pdf
http://www.fiercehealthit.com/story/ocr-levies-2-million-hipaa-fines-stolen-laptops/2014-04-23
http://www.fiercehealthit.com/story/boston-teaching-hospital-fined-15m-ephi-data-breach/2012-09-18
http://blogs.wsj.com/cio/2014/05/09/patient-data-leak-leads-to-largest-health-privacy-law-settlement/
http://www.nytimes.com/2011/09/09/us/09breach.html?pagewanted=all&_r=0

BIDMC’s Encryption Program Tames BYOD Security Fears

Posted on August 14, 2012 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

Beth Israel Deaconess Medical Center has begun what it calls an “aggressive” campaign to make sure every mobile device in use by its staff and students is encrypted. This is interesting in light of John’s recent post about encrypting devices to meet HIPAA.  The following update comes from the GeekDoctor blog maintained by Halamka, a resource worth reading in its own right.

The initiative, spearheaded by the indefatigable CIO John Halamka, MD, MS, is massive in scope, affecting as it does 18,000 faculty members and 3,000 doctors, plus a large student population. Costly and time-consuming though it may be, I think it’s an object lesson in what needs to be done to make “bring your own device” a safe and sustainable part of hospital computing.

“It is no longer sufficient to rely on policy alone to secure personal mobile devices,” Halamka said. “Institutions must educate their staff, assist them with encryption, and in some cases purchase software/hardware for personal users to ensure compliance with Federal and State regulations.”

Halamka and his team already began training staff regarding smart phone devices connecting with the Exchange e-mail system using ActiveSync. Under the new regime, those devices must now have password protection.

Next, the Information Systems team is beginning the massive task of encrypting all mobile devices. They’re starting with company-owned laptops and iPad-type tablets, but expect to move out into encrypting other tablets later.

While the process is understandably complex, broadly speaking the IS department is going to take every device currently owned by the institution and give it a complete going over for malware and vulnerabilities, make sure the configuration meets security standards, then fully encrypt it to meet HIPAA/HITECH safe harbor criteria.

The next phase of the program will extend the checkup and encryption process to any personally owned computers and tablets used to access BIDMC data. I’ll be interested to see if people get squeamish about that. There’s a big difference, emotionally, between letting IS strip your work device naked and sharing your personal iPad.  But clearly, if BYOD is to have a future, initiatives like this will need to go on at hospitals across the nation.

Kaiser’s Mobile Health Approach

Posted on July 10, 2012 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

As I mentioned in my previous post about laptops and iPads in healthcare, I had the chance to meet with Kaiser at the Health 2.0 conference in Boston. I had a chat with Brian Gardner, head of the Mobile Center of Excellence at Kaiser Permanente and learned a bunch of interesting things about how Kaiser looks at mobile healthcare.

The first most interesting thing to note was that Kaiser currently does not support any sort of BYOD (Bring Your Own Device) at this time. Although, they said that they’ve certainly heard the requests from their doctors to find a way for the doctor to use their own mobile device. Since this means that all the mobile devices in use at Kaiser are issued by them, I was also a little surprised to find that the majority of their users are currently still using Blackberry devices.

Brian did say that the iPhone is now an approved Kaiser device. It will be interesting to check in with Brian and Kaiser a year from now to see how many Blackberry devices have been replaced with iPhones. I’m pretty sure we know exactly what’s going to happen, but I’ll have to follow up to find out. What is worth noting though is the time delay for an enterprise organization like Kaiser to be able to replace their initial investment in Blackberry devices with something like an iPhone or Android device. While I’m sure that many of those doctors have their own personal iPhones, that doesn’t mean they can use it for work.

I also asked Brian about the various ways that he sees the Kaiser physicians using their mobile devices. His first response was that a large part of them were using it as an email device. This would make some sense in the context of most of their devices being Blackberry phones which were designed for email.

He did say that Kaiser had done some video pilots on their mobile devices. I’ll be interested to hear the results of these pilot tests. It’s only a matter of time before we can do a video chat session with a doctor from our mobile device and what better place to start this than at Kaiser?

Of course, the other most popular type of mobile apps used at Kaiser were related to education apps. I wonder how many Epocrates downloads are used by Kaiser doctors every day. I imagine it gets a whole lot of use.

What I found even more intriguing was the way that Kaiser used to discover and implement apps. Brian described that many of their best apps have come from students or doctors who had an idea for an app. They then take that idea and make it a reality with that student or doctor working on the app. It sounded like many of these students or doctors saw a need and created an app. Then, after seeing its success Kaiser would spread it through the rest of the organization.

This final point illustrates so well how powerful mobile health can be now that the costs to developing a mobile health innovation is so low. Once you lower the cost of innovation the way mobile health has done, you open up the doors to a whole group of entrepreneurs to create amazing value.

Laptops End Up With Kids, iPads Don’t

Posted on June 8, 2012 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

As I mentioned previously, I had the great opportunity to talk with Kaiser recently about their mobile initiatives at Health 2.0 Boston. It was a great chat with Brian Gardner, head of the Mobile Center of Excellence at Kaiser Permanente.

At one point in the conversation I asked Brian about Kaiser’s approach to devices. Did they allow physicians to bring their own device? Were they deploying their own devices and which devices did they use. Brian made a couple of comments that I found really intriguing.

First, he stated clearly that Kaiser issued all of their devices. They were looking at the BYOD (Bring Your Own Device) idea, but currently they didn’t support any BYOD options. Based on his response to this question I could tell that there were a lot of conversations about this topic happening at Kaiser. I got the feeling that they were likely getting quite a bit of pressure from their doctors to do something along these lines.

Brian then also provided what I find to be a really compelling observation. He commented that from their experience the laptops they issued to doctors always seemed to end up with their physician’s kids using them. I assume they could see this based upon the software the physician’s children installed on the laptop. Then, Brian observed that they hadn’t seen the same thing happening with the iPads they’d given out. He surmised that this was possibly because many of the doctors that got iPads saw it as a privilege and those doctors didn’t want to lose that privilege?

How intriguing no? Why is it that a laptop feels like a commodity and an iPad feels like a luxury item? One you don’t mind your children touching and the other is a luxury that your child shouldn’t touch.

I’d also extend this observation to say that working on a laptop feels like work. Using an iPad feels more like play. At least that’s the feeling I get. I imagine many doctors feel the same way. I wonder if that will change as the iPad starts to get more applications that really help you do work on it.