What is the current state of smartphone security in the healthcare environment?
Smartphones streamline patient care and access to information but security and compliance are key. Reliable technology, security policies, and excellent vendor support are essential for protection against security breaches and compliance.
Also, patient data should never be stored on devices and authentication protocols should be designed to support various deployment and usage models.
How is PatientSafe helping to educate its customers on the importance of security?
Security is both a technology and policy consideration and needs to be addressed proactively in the technology assessment process.
On the technology front, we ensure our hospitals are adopting data transfer and storage models that meet the industry standard level of encryption. If there is a strong clinical workflow delivery need for external access, we help hospital IT stakeholders design access capabilities for specific types of clinical users. We also design device security, ensuring no data lives on the physical device.
On the policy side, PatientSafe partners with hospitals to understand workflows and to build appropriate security policies prior to technology adoption. For example, when a customer adopts our clinical communications platform, we institutionalize policies on they types of information that is allowed to be communicated via the mobile device.
Given the rise in cyber security attacks/data breaches, are your customers and prospects coming to you with requests for greater protections?
Customers and prospects ask us how they can adapt to the new security use case requirements introduced by BYOD (Bring Your Own Device). They run technology inside the hospital where they control the network and data flow. But, clinicians now want to see that same information outside of hospital walls. As these requests increase, the same benchmark standards of information protection must be applied to data that’s being accessed outside the hospital network.
Regarding smartphone security, healthcare faces a bit of a dilemma: We’re moving (albeit slowly) to a more patient-centered system that is being greatly aided by the power of the smartphone. Patients now have mobile access to their health data, wearables, thousands of healthcare apps, etc. And yet, cybersecurity issues are plaguing providers and their BAs like never before. How do you foresee the industry handling this juxtaposition?
We don’t see this as two conflicting worlds. Technology advancement should actually enable secure data access and sharing, not increase the risk. Key technology players have designed innovative ways to store, transfer and deliver critical information across various mobile device and data storage platforms. While PatientSafe has ensured this on all fronts from day one, the increase in cyber attacks and penalties tied to monetary value will incentivize the rest of the industry to move from reactive security policies designed for technology towards demanding technology designed to proactively minimize security risks.
Grace Hua is the Director of Product Management for the PatientTouch Clinical Communications suite. At PatientSafe, Grace focuses on designing intuitive technology experiences centered around clinical workflows as well as fighting company health initiatives with her delicious baked goods. More here: linkedin profile