Free EMR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to EMR and HIPAA for FREE!!

Locking Down Clinician Wi-Fi Use

Posted on November 1, 2016 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

Now that Wi-Fi-based Internet connections are available in most public spaces where clinician might spend time, they have many additional opportunities to address emerging care issues on the road, be they with their family in a mall or a grabbing a burger at McDonald’s.

However, notes one author, there are many situations in which clinicians who share private patient data via Wi-Fi may be violating HIPAA rules, though they may not be aware of the risks they are taking. Not only can a doctor or nurse end up exposing private health information to the public, they can open a window to their EMR, which can violate countless additional patients’ privacy. Like traditional texting, standard Wi-Fi offers hackers an unencrypted data stream, and that puts their connected mobile device at risk if they’re not careful to take other precautions like a VPN.

According to Paul Cerrato, who writes on cybersecurity for iMedicalApps, Wi-Fi networks are by their design open. If the physician can connect to the network, hostile actors could connect to the network and in turn their device, which would allow them to open files, view the files and even download information to their own device.

It’s not surprising that physicians are tempted to use open public networks to do clinical work. After all, it’s convenient for them to dash off an email message regarding, say, a patient medication issue while having a quick lunch at a coffee shop. Doing so is easy and feels natural, but if the email is unsecured, that physician risks exposing his practice to a large HIPAA-related fine, as well as having its network invaded by intruders. Not only that, any HIPAA problem that arises can blacken the reputation of a practice or hospital.

What’s more, if clinicians use an unsecured public wireless networks, their device could also acquire a malware infection which could cause harm to both the clinician and those who communicate with their device.

Ideally, it’s probably best that physicians never use public Wi-Fi networks, given their security vulnerabilities. But if using Wi-Fi makes sense, one solution proposed by Cerrato is for physicians is to access their organization’s EMR via a Citrix app which creates a secure tunnel for information sharing.

As Cerrato points out, however, smaller practices with scant IT resources may not be able to afford deploying a secure Citrix solution. In that case, HHS recommends that such practices use a VPN to encrypt sensitive information being sent or received across the Wi-Fi network.

But establishing a VPN isn’t the whole story. In addition, clinicians will want to have the data on their mobile devices encrypted, to make sure it’s not readable if their device does get hacked. This is particularly important given that some data on their mobile devices comes from mobile apps whose security may not have been vetted adequately.

Ideally, managing security for clinician devices will be integrated with a larger mobile device management strategy that also addresses BYOD, identity and access management issues. But for smaller organizations (notably small medical groups with no full-time IT manager on staff) beginning by making sure that the exchange of patient information by clinicians on Wi-Fi networks is secured is a good start.

Will Windows 8 Kill Physician iPad EHR Requirement?

Posted on October 16, 2012 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

Yesterday at the Digital Health Conference I had the chance to catch up with George Cuthbert from Medent. He’d emailed me a few months back about the potential benefit of Windows 8 in the EHR world and the deep integration of Win 8 that they’d been working on to leverage the unique abilities of Windows 8 for their EHR users.

I admit that since I’ve become more of a health IT blogger and less of a techguy, I haven’t kept close track of all that was happening with Windows 8. I knew that it was designed to incorporate touch as a major focal point of the new Operating System and I knew that it was Microsoft’s attempt to integrate the best of touch together with the advantages of data input using a keyboard and mouse.

Based on the short demo that George did for me of Win 8 and the Medent EHR, it has some real promise. In fact, as the title suggests, I think that if an EHR vendor does it right this could solve the issues that so many EHR vendors have of trying to create an iPad EHR application.

This may sound a little outlandish and certainly many doctors have a special love affair with Apple products. However, I think that most doctors don’t care if it’s an iPad or Windows 8. They just want the iPad like touch interface which allows them to smoothly consume data from their EHR. The Fujitsu model that George showed me has the potential to do just that. In fact, it was quite beautiful how seamlessly you could go from the tablet to a laptop workstation and back.

The biggest challenge that most EHR software will have with this idea is that their EHR isn’t built for touch. Just because Windows 8 makes touch possible doesn’t mean that it will be a good experience to use that way. That’s true for iPad as well and is the major reason why Citrix access to your EHR on your iPad isn’t a great solution. Touch requires a very different interface. George and Medent realize this and you could see the thought and effort they’ve been putting in to transform their interface into a touch optimized experience.

Obviously, I think we’ll still see plenty of iPad in healthcare and iPad EHR. However, I have a feeling that many in healthcare will be just as happy with the Windows 8 touch implementation.

Needed iPad Feature for Healthcare IT and EHR

Posted on July 6, 2012 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

As most of you know, in my pre-blogger life I was a tech guy. In healthcare I did top to bottom IT support at a health and counseling center. I dealt with everything from servers to networking to desktop support to project management and everything in between. It was a great job since I was never bored and always had a variety of things to do. Not to go into my entire career history, but just to say that it’s with good reason that I’m @techguy on Twitter. I love tech and always will.

When I think back to my tech support days, I remember one time where we had an influx of cash as part of a big move into a new building. With that move we ordered ~100 new desktop and laptop computers. You can imagine the logistics of deploying this many devices all at once. We had to take over what use to be a conference room in order to make it happen.

One of the keys for myself and my student worker to be able to deploy all of these devices quickly and effectively was desktop imaging software. We installed one computer with all of the necessary applications and other security configurations. Then, we copied that computer to all of the other computers. It made for a wonderfully consistent experience for everyone and made support so much easier. Plus, if and when someone had issues with their desktop computer I’d just restore it back to the original install point.

None of this information will be all that exciting for those tech people reading this blog post. However, most that read this site aren’t that technical and so hopefully it gives some perspective to those readers.

The point of telling this background is that I think it’s one of the major weaknesses of the iPad. Can you reinstall the iPad after use? Can you restore it back to it’s original install point? Sure, if you’re in a solo physician practice or small group then maybe this doesn’t matter as much. However, if you’re in a hospital or large group practice these types of features can be really important to your IT people.

I’ve argued since nearly the beginning of the iPad that the big issue for the iPad in healthcare is the lack of enterprise features. The features described above are just a few simple examples of enterprise features that I’m not sure the iPad will ever support. Sure we’ll still see the iPad in healthcare. We already do see it, but we’ll never see the ubiquitous adoption of iPad in healthcare without these features.

I’m sure that some would suggest that by using a remote desktop application like Citrix you can achieve much of the enterprise features that I mention above and more. Things like security of data are much easier in Citrix. I’m just still skeptical that any remote desktop application can reach the type of iPad usability that a native iPad app can achieve.

I am interested to see how well the new Windows 8 platform will do. The idea of marrying the best of the tablet/iPad world with the best of the desktop world is an interesting idea. We’ll see if they’re able to walk that balance beam and provide that seamless experience across both sides of the aisle.

Cloud Computing Won’t Be the Death of Client Server EMR – Something Else Will Be

Posted on May 9, 2012 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

One of the all time favorite topics of discussion here at EMR and HIPAA is around SaaS EHR software versus client server EHR software. They each go by many other names and the technical among us might know the hard core technical difference between each, but most doctors don’t know and don’t care. SaaS EHR software is often called hosted EHR software or ASP EHR software or even Cloud Computing if you want to use a general term. Client Server EHR software is sometimes called in house EHR software or self hosted EHR software. I’m sure there are other names I missed.

Regardless of what you call it, many people (usually those from SaaS software vendors) believe that client server software will lose out to the cloud. It’s hard to argue with them since in almost every other industry cloud based software has won.

Here’s why I don’t think we’re going to spell the death of client server software for a long time to come. Client server is going to be here for a long time because of such wide adoption by so many doctors. Not to mention, many of the client server EHR systems are really large implementations that would be hard to displace. Plus, there are many doctors who don’t care about the mobile benefits of a SaaS based EHR software. Quite a few doctors want to only use their EHR software in their office.

Certainly there are others on a client server based EHR system which will want to access their EHR outside of their office. Unfortunately, instead of EHR replacement we’re likely to see a hybrid environment that supports client server and some sort of app environment come out of the various client server EHR vendors.

Sure, a lot of doctors will also use Citrix or other remote desktop environments and hate the user experience, but it will pacify them until the hybrid EHR environment is built. In fact, that hate towards the remote desktop environment on a mobile device will drive the development of this hybrid approach. The advantages of a client server environment with an app connection will keep the client server environment around for a while.

So, while many want to declare the death to client server, I’m not ready to do so. Sure, SaaS EHR software has its advantages, but client server software isn’t going to go down without a fight and they’re going to be around for a while since in many cases they hold the high ground.

Conflicting Indications of the Move to SaaS Based EHR

Posted on November 29, 2011 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

One of the really interesting things I noted while attending the NextGen user group meeting had to do with the move to SaaS based EHR and other SaaS based EHR software. I partially mentioned this in the write up I did at the conference, including a tweet where I talk about how Scott Decker really pushed the idea of NextGen making the move into the SaaS based software world.

I think there’s little doubt that NextGen sees the value of SaaS based software. I think they see the convenience to doctors of not having to manage a server. Most importantly, I think they see the value of not having the healthcare data stored in EHR in silos.

One thing that Scott Decker mentioned in his keynote was improving their coding rules engine based on the feedback and experience across all of their SaaS based EHR users. I found this really intriguing since it highlighted some of the challenges and limitations of the client server EHR model that’s so prevalent in healthcare.

After hearing these comments about NextGen’s move towards more and more SaaS based software, I wondered what users at the meeting thought about the move by NextGen to SaaS EHR. The nice part of a user group meeting is I had a chance to talk to a number of them.

One company I talked to said basically, “We have 30 Citrix servers in our NextGen EHR installation. That’s a huge investment we’ve made and I don’t see us changing that any time soon.” They’ve got an interesting point. There’s a lot of money invested in training, equipment, software, and general understanding of the current client server EHR installs that NextGen employs (or is it employed?) for its large EHR customers.

It’s quite a stark contrast to consider this entrenched client server user base that is unlikely to change even if NextGen’s direction is headed towards SaaS EHR software. To be completely honest, I’m not exactly sure how this “conflict” is going to play out.

EHR Stimulus Alliance Sickens Me

Posted on May 18, 2009 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

I previously posted about the EHR stimulus tour (no link since I don’t want to promote them). Today I saw what seems to amount to a press release that talks about the “EHR Stimulus Alliance” and their tour to “educate 500,000 U.S. physicians about opportunities aligned with the American Recovery and Reinvestment Act (ARRA) of 2009.”

This type of puffery just makes me sick. No. Not the educating 500,000 physicians. That’s a good thing and part of the motivation for this blog. The thing that makes me sick is this seems like just a big marketing campaign for Allscripts. Sure they have a list of other partners, but they’re basically partners of Allscripts. Check out the list: Allscripts, Cisco, Citrix, Dell, Intel, Intuit, Microsoft Corp., and Nuance. The press release calls it a “broad coalition of healthcare and technology companies.” Too bad Allscripts is the only true healthcare company in that list. All the others are technology companies that sell some healthcare products.

I just don’t like when an “education tool” is really just being used as a marketing tool for a certain EHR company. If they really wanted to help adoption, they’d sponsor a tour with a whole variety of EHR vendors where they can help doctors to be able to see the wide variety of EHR vendors that exist.

Someone recently emailed me about any conferences that exist for a doctor to be able to evaluate EHR companies all in one place. I know there have been a number of other ones in the past that no longer exist. The only one I know is still going is HIMSS. Does anyone else know of other places where doctors can see a bunch of great EHR? I ask this knowing that many really great EHR just haven’t seen the benefit of these types of shows.

Also, if anyone has a chance to go to one of these EHR Stimulus tour stops, I’d love to have you do a guest post on the experience. I sent them a tweet asking if they can stop in Las Vegas so I can check it out.

EHR Stimulus Tour

Posted on May 4, 2009 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

Turns out the fish are starting to feed. Check out this website that talks about the “EHR Stimulus Tour: Educating the Nation.” Ok, I don’t really want you to check out the website, since I think it’s kind of sad. At the bottom it lists the “EHR Stimulus Alliance.” The following companies are listed in this EHR alliance:
Allscripts
Cisco
Citrix
Dell
intel
intuit
Microsoft
Nuance

What a group of large companies trying to sell a bunch of product. I guess we should have expected something like this, but maybe I’m just a little surprised that they made a website for an EHR stimulus tour and everything. Interestingly the twitter link on the site goes to an Allscripts twitter account. I think we can clearly see who’s behind this website.

Honestly, this reminds me of an Amway or other MLM convention. Is it any wonder the type of information that will be given at this type of tour? I guess $18 billion is a lot of motivation to market your EHR software. I just wish they were stopping in Las Vegas so that I could go and check them out.

Dell’s Healthcare IT Solutions

Posted on May 1, 2009 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

I found this article which described a number of the offerings that Dell has offered to help Healthcare IT. I’m sure this could sound a lot like a sales pitch for Dell. It’s not intended to be a sales pitch for Dell. In fact, most of the solutions are being offered through Dell partners like Symantec, VMWare, Citrix, etc. I’d caution that you should look around since you can certainly find the exact same products from other sales channels than Dell. As always, it’s best to look around when purchasing any of the products described below.

What I did find interesting was all of the various types of packages that Dell and its partners are trying to offer to healthcare IT. My big question for you, is how can we ever keep up with all these cool technologies?

The following are snippets of the article linked above. I’ll add my commentary in italics below each section.

Dell Mobile Clinical Computing Solution

Among the new offerings announced is Dell Mobile Clinical Computing Solutions. This lets physicians access patients’ records from any terminal using smart cards and Symantec’s (Nasdaq: SYMC) Workspace Corporate product for single sign-on and secure authentication.

This capability is not entirely new, however. Sun Microsystems (Nasdaq: JAVA) has offered roaming capabilities using smart cards and single sign-on access through its Sun Ray technology, both in the U.S. and worldwide, for several years now. U.S. Sun Ray customers in the healthcare field include Denver Health, which provides healthcare for a quarter of all residents of Denver, Colo.

Smart Cards are interesting to talk about and interesting to see in action, but I just personally have never been fond of trying to manage smart cards. They’re expensive and prone to be lost. Can someone else make the case for them? I’d be interested to hear it.

On-Demand Desktop Streaming

Another element of Dell’s new lineup is On-Demand Desktop Streaming. This is for stationary environments where data management and security are critical. Virtual disk images will be streamed to desktops. This enhances security because users get a new, pristine image every time they boot up.

While Dell partners with VMware (NYSE: VMW), Microsoft (Nasdaq: MSFT) and Citrix (Nasdaq: CTXS) for virtualization, it’s likely that Citrix has been picked for this solution, as it is based on streaming images to the desktop.

On demand desktop streaming is a really cool concept. I think that in the next 2 years, the thin client on the desktop will become a major reality. Of course, I think this really only applies to large scale implementations that can benefit from the savings of virtualization and thin clients. Small offices will still be buying the regular old desktops. I don’t know what Dell will do, but I see VMWare becoming the dominate player in this space and Citrix losing some of its hold.

Virtual Remote Desktop

Virtual Remote Desktop offers centralized control and management of end-user devices while enabling personalized end-user desktops, access from any device — whether within our outside the corporate firewall — and session mobility, where a single desktop session can follow the user from one device to another.

The solution was developed in collaboration with Citrix. It consists of Citrix XenServer Dell Edition; Citrix Desktop Delivery Controller; Citrix Secure Gateway; and Citrix Provisioning Server.

This sounds like the idea of taking the desktop to your mobile phone. The mobile phone is getting there now with 3G speeds. I’d like to see this work. I’m afraid it’s still not going to be as nice as using a desktop.

Dell, Perot and the Cloud

In addition to Mobile Clinical Computing, Dell is teaming up with Perot Systems to provide virtualized desktop, storage, server and electronic health records on-premise, hosted off-site or in secure private clouds.

Perot also works with other major vendors in healthcare IT, such as IBM (NYSE: IBM) , HP (NYSE: HPQ) and Sun. “We’re vendor-agnostic,” Moss said. “We work with whatever’s best for the client.”

I don’t know anything about Perot systems, but it sounds interesting. I might have to learn more. Anyone else ever used Perot systems before that can tell me what it’s like?