• No results found

Session 125: A Health IT Executive s Guide To BYOD Management

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "Session 125: A Health IT Executive s Guide To BYOD Management"

Copied!
29
0
0

Loading.... (view fulltext now)

Download now ( 29 Page )

Full text

(1)

Session 125: A Health IT Executive’s Guide To BYOD Management Ken Congdon, Editor In Chief, Healthcare Technology Online

(2)

Conflict of Interest Disclosure

Ken Congdon, BA Journalism

Has no real or apparent

conflicts of interest to report.

(3)

Learning Objectives

• Recognize potential BYOD challenges

• Propose policies and best practices to effectively

manage BYOD practices

• Justify the practice of BYOD in your healthcare

facility

• Evaluate technologies used for effective BYOD

management

(4)

The BYOD Ship Has Sailed

• 80% of physicians own

tablet devices

(HIMSS Health IT 2012)

• 70% of smartphones belong

to users

(Forrester Research)

• 65% of tablets belong to

users

(Forrester Research)

• 59% of employees use

mobile devices to run line of

business applications

(Symantec

(5)

The BYOD Ship Has Sailed

• Employees driving the BYOD trend because:

– They want faster, newer, higher performing devices than their employer provides

– Need to access data from multiple locations (office, hospital, clinic, home, etc.)

(6)

IT Attitudes Toward BYOD

• IT concerns:

– Patient data security

– Virus/malware protection

– Software license management – Mobile Device

Management/Application Management

– Intellectual property protection – Loss prevention

(7)

IT Attitudes Toward BYOD

• Mobile malware rose 155% in 2011

(Juniper Mobile Security

Report 2011)

• Draconian BYOD controls unlikely to work

– 37% of employees use noncompliant devices on corporate networks before formal permissions or

(8)

IT Attitudes Toward BYOD

• 85% of hospital IT departments allow doctors

and staff to use personal mobile devices at work

(2012 Aruba Networks Survey)

• 86% of hospitals have some kind of BYOD

policy in place/31% have full BYOD

(KLAS 2012 Report –

Mobile Applications: Can Enterprise Vendors Keep Up?)

• 70% of hospitals use mobile devices to access

EHR data

(KLAS 2012 Report – Mobile Applications: Can Enterprise Vendors Keep Up?)

(9)

IT Attitudes Toward BYOD

• In survey of our readership, Mobile/Tablet Computing ranked as our #4 health IT trend, yet BYOD

Management ranked #32

• 47.4% ranked Mobile/Tablet Computing a “Top Priority” or “Priority”

(10)

IT Attitudes Toward BYOD

• Only 9% of organizations are “fully aware of the

devices accessing their network

(2012 SANS Annual Mobile Security Survey)

• Only 24% of personally-owned smartphones (21%

of tablets) can be remotely wiped

(Osterman Research)

• Only 10% of personally owned smartphones (9% of

tablets) can be scanned for malware

(Osterman Research)

• 29% of organizations do nothing to manage

(11)

BYOD Benefits

• When implemented

correctly, a BYOD strategy

can provide a healthcare

facility with several benefits:

– Employees are more efficient – Organizational costs can be

reduced

– Improved employee satisfaction

(12)

BYOD – A Winning Strategy

• Policies must be developed before it’s too late

• Interactions between internal systems and devices

must be secure

• It has to be easy to adopt and achieve compliance

• It must allow for coexistence of personal/corporate

functionality (apps and data)

• It must be capable of evolving with evolution of

devices

• Ownership and financial reimbursement must be

clear

(13)

BYOD Best Practices –

1. Policy Before Technology

• Policy outlines acceptable use • Should not be created in an IT

vacuum • Key considerations: – Device/OS support – Security measures – Compliance requirements – Application support

– Corporate system access – Personal privacy guidelines – Reimbursement strategy

(14)

BYOD Best Practices –

2. Secure Data End-To-End

• Strong BYOD security policies – ensure data security at the end point, middle, and data center

• Access controls/user certification

• Methods providers use to protect mobile data (KLAS Research 2012 Mobile Applications: Can Enterprise Vendors Keep Up?):

– Virtualization (52%) – Encryption (46%) – MDM Software (35%) – Limit Devices (12%) – Internal Cloud (11%) – Limit OS (6%) – External Cloud (5%)

(15)

BYOD Best Practices –

2. Secure Data End-To-End

• Limit corporate data/PHI that can be stored on mobile devices

• Disable moving emails

• Continuous device monitoring & alerts

– Unauthorized devices attempting to access network – Root/jailbroken devices

– Unsecure applications – Encryption enforcement

• All mobile devices must be able to be wiped remotely by an administrator

(16)

BYOD Best Practices –

3. Ensure User & IT Simplicity

• Enroll devices in bulk

– Basic authentication (e.g. Active Directory/LDAP) – New devices quarantined & IT notified

– Enrollment controls/customized user eligibility

• Application/update push

– Application server

• Embed self-service capabilities

(17)

BYOD Best Practices –

4. Separate Corporate & Personal Data

• Keep personal data personal:

– Personal emails, contacts, calendars – Application data

– Text messages

– Call history & voicemails – Personal photos & videos – Location indicators

• Let users know what data will be collected by

corporate and how it benefits them

(18)

BYOD Best Practices –

4. Separate Corporate & Personal Data

• Corporate apps, documents, data, etc. must be

protected by IT

• Use mobile synchronization software to push

settings to devices and enforce policies

• Provide ability to conduct “selective wipes” on

personal mobile devices

• Build employee trust while minimizing mobile

distractions

(19)

Potential BYOD Challenges

• Forced device encryption

• Keeping up with changing mobile device

ecosystem

• Implementing security protocols without affecting

the user experience

(20)

Technologies To Promote BYOD Success

• Wireless networking/VPN

• Encryption

• Virtualization

• Certification/Authentication

• Mobile Device Management (MDM) software

• Personal/Business profile management

(21)

BYOD Success Stories –

1. Western Maryland Health System

• Located in Cumberland, Maryland, but serves folks in WV and PA (rural area)

• Affiliated physicians demanded access to their practice EMR systems while at the hospital

• 4 to 5 different ambulatory EMRs in use

• Couldn’t accommodate everyone with VPNs

• Opted for a BYOD Wi-Fi solution where ambulatory EMRs can be accessed via Citrix

(22)

BYOD Success Stories –

1. Western Maryland Health System

• Physicians can compare notes in their EMR with data in MEDITECH (the hospital’s EHR)

• Physicians can dictate notes into MEDITECH using their mobile device and Dragon

• No PHI stored locally on devices • Shared-key access (monitored)

• Wireless users cannot communicate with other wireless users

(23)

BYOD Success Stories –

1. Western Maryland Health System

• Restrictive as to who gets access to corporate

resources

• BYOD Benefits:

– Improved patient care

– Accelerated EHR adoption

(24)

BYOD Success Stories –

2. Resources For Human Development

• Nonprofit social service organization

in Philadelphia

• Instituted a BYOD strategy to control

costs

• Conducted internal survey that

showed that 90% of employees

owned their own smartphones

• Desire among employees to carry

only one device

(25)

BYOD Success Stories –

2. Resources For Human Development

• Decided to leverage these personal

devices

• Implemented MDM to separate

personal and corporate data and

provide monitoring, blocking, and

wiping capabilities

• MDM transparent to users, but must

agree to have it installed

• Device encryption, auto-locking, and

anti-malware also required

(26)

BYOD Success Stories –

2. Resources For Human Development

• No data stored on devices (virtualized

desktop for EHR apps)

• Provides stipend to encourage BYOD

use

• BYOD Benefits:

– Employee satisfaction

– Device costs cut by more than half – Secure (Since implementation two to

three dozen devices were lost or stolen, but no data was lost)

(27)

BYOD Success Stories –

3. Yale New Haven Health System

• Connecticut’s leading healthcare

system with four healthcare delivery networks and more than 1,500

licensed beds

• Over the past two years mobile

device use has grown by more than 400%

• Embraces BYOD, but also issues corporate devices

• Initially supported all devices, but now provides a list of recommended

(28)

BYOD Success Stories –

3. Yale New Haven Health System

• Leverages virtualization

technology to ensure no data is

stored on devices

• Leverages MDM for app

deployment, loss prevention,

centralized administration, mobile

device visibility

• Results = Marked productivity

increases, cost savings, 99.999%

uptime

(29)

Thank You!

Ken Congdon Editor In Chief

Healthcare Technology Online www.HTOinfo.com

ken.congdon@jamesonpublishing.com

Twitter: @KenOnHIT

References

Download now ( PDF - 29 Page - 1.23 MB )

Related documents

Enterprise Solution & Business Revolution Enterprise Mobility Management Strategy

Enterprise Mobile Management Strategy Elements B2E Mobile Reporting Mobile Office BYOD Mobile Timesheet Mobile CRM Mobile ERP B2B Mobile- Ordering Mobile Trading

IDC MarketScape: Worldwide Enterprise Mobility Management Software 2014 Vendor Assessment

Mobile content management solutions for the enterprise provide IT with a secure way to provide access to files/content/data sitting in various data stores to mobile devices.

It s easy to keep up with progress.

Fuel consumption of the Passat in l/100 km: combined between 5.5 and 4.0, CO₂ emissions in g/km: combined between 140 and 103, efficiency class: B–A+. Car-Net Guide &

Infant Incubator ATOM Rabee Incu-i Operation Manual

In the manual control mode, the heater output is controlled to achieve a preselected incubator air temperature; in the servo control mode, a skin temperature probe is attached to

Enterprise Mobility: winning strategies to get your organization ready for the future

Enterprise Mobility Management Mobile DevOps Enterprise Internet of Things A comprehensive suite of modular products that manages BYOD for Device, Applications, Content,

Recording Of Custodial Interrogations: Policies And Practices

Then, the survey asked: “If your agency does have a written policy regarding electronic recording of custodial interrogations, does it include the following elements:

Efficacy of the thoracic side airbag and effective occupant protection in lateral impacts

The different load cases in the Controlled Collision Environment (barrier - with a deformable face, pole impacts - rigid nature) present problems to vehicle safety engineers as

A novel ontological approach to modelling engineering processes: A coupled tank system case study

Much research work has been carried out especially in the areas of modelling of the CTS (K. Owa et al. 2012) using techniques such as Artificial Neural Networks, SIMULINK