The following is a guest post by Ashley Perry Rodrigue, Healthcare Ambassador for Lenovo.
The number one priority for physicians will always be patient care. With modern technology and legislation that requires digital records the definition of patient care has expanded beyond the traditional medical meaning and now also must include the protection of patient privacy.
Physician use of mobile devices is quickly evolving from a trend to a necessity: in 2012, 44 percent of doctors reported using tablets in the workplace daily. Mobile devices like tablets allow caregivers access to their applications whether they are in a patient room, their office or at home – and if optimized for input, can result in a positive user and patient experience.
However, tablets present a different set of security concerns than PCs, including easier opportunity for physical theft, data vulnerability, user access to uncontrolled apps, and more. Yet security is something that hospitals and health systems simply cannot sacrifice. If patient files are misplaced, misused or stolen, consequences can include job and reputation loss. The results of Ponemon Institute’s 2012 Study on Patient Privacy and Data Security found that almost every hospital surveyed suffered one data breach, and 45 percent suffered more than five over the past two years. Of those, breaches due to lost or stolen mobile devices such as tablets or phones accounted for 18 percent, up from 7 percent in 2011.
At the same time, the Department of Health & Human Services is expanding its information security provisions. In January 2013, HIPAA introduced the “final omnibus rule,” a new, tiered penalty structure for physicians and healthcare practices. New provisions include categorizing any release of a patient’s personal health information (PHI) as a breach, and an enhanced right for individuals to request restrictions on disclosure of their PHI. The mandate also increases fines to as much as $50,000 for “willful neglect” of a patient’s information without correction. To avoid other fines of up to $1.5 million, physicians and healthcare organizations will need to put a greater emphasis on data security. Now more than ever, data security in the healthcare industry is crucial to maintaining your reputation as a caregiver.
While there are dozens of options available, not all tablets and mobile devices are made equal when it comes to security features. Here are several tips for security features healthcare organizations should look for in tablets or other computing devices:
- Anti-malware – Look for devices that can be purchased with pre-loaded anti-malware software. If needed, physicians can later upgrade to corporate-managed anti-malware solutions.
- User authentication – Many tablet operating systems natively support locking the device with a user-defined PIN, password or pattern. In addition, hospitals and health systems should look for devices that also incorporate Active Directory credentials. This allows the use of corporate-controlled passwords for accessing the device. There is also an advantage to the user, who can use the same password to access their PC, or corporate intranet services, for accessing the tablet.
- Data leakage protection – Invest in mobile devices that are Good Technology certified, meaning it has been certified with an industry-leading solution that keeps corporate data “sandboxed” on the device. The sandbox encrypts corporate e-mail that goes into it, and does not allow the data to be copied out. It also allows for the corporate data to be wiped without impacting the user’s personal data.
- Anti-theft and recovery – Choose devices that are pre-loaded with anti-theft and recovery software, such as Absolute Computrace. Lost devices can be remotely wiped, and the Absolute controls will be automatically reinstalled, even if the device is reset back to factory defaults.
About the Author
Ashley Perry Rodrigue joined Lenovo in 2010 as a Lenovo Healthcare Ambassador. She conducts product training and customer briefings in the North America. As a Lenovo Ambassador, Ashley enjoys working in a position where she is able to express her passion for technology through educating others about developing trends in the healthcare industry. To learn more about data security and innovative technology, visit www.lenovo.com.