A little while back, we began a series of “get to know you” polls in an effort to better shape our content. In a June poll, we asked about your positions within your organizations, with results showing an even split between IT and marketing, with sales also being a popular answer. We found the results quite interesting, and they led us to wonder – in what industry vertical do you work that makes remote access and network security of interest? As always, feel free to elaborate in the comments.
Posts Tagged ‘healthcare’
Tags: education, financial services, government, healthcare, IT, Poll, Readers' Poll, vertical
Tags: healthcare, healthcare IT, mobile health, Mobile Security
Today, we finish our conversation with Dr. Ruchi Dass on mobile health trends. We left off last week talking about the security issues surrounding mHealth. Below, Dr. Dass tells us more about mitigating security risks and what still needs to happen for mHealth to be fully optimized.
Dr. Ruchi Dass: To mitigate the risks authentication systems raise, it is essential that they be designed to offer individuals control over their personal information by supporting traditional principles of fair information practices.
While these principles have long formed the basis of federal and state law, industry rules of best practice, and international agreements related to information privacy protection, their application to authentication systems must be carefully considered and articulated so as to take into account the complex and unique questions raised by the technology. In fact, because fair information practices are often ignored in the current use of authentication, the move to new authentication systems offers implementers the ability to offer stronger privacy protections if privacy issues are addressed in the design of the technology.
On the technology front, these risks may be mitigated through deployment of diverse authentication products, by decentralizing their design and limiting the amount of personal information collected. It discusses the importance of applying fair information practices to the management of authentication data. Also, computer and mobile solutions should be designed and implemented using an enterprise-wide architectural methodology. An architectural methodology helps IT by providing a framework to consider all of the major issues, highlight the interdependencies and facilitate decision making between conflicting tradeoffs.
VPN Haus: What are the major barriers that need to be overcome before mHealth can be fully optimized and deployed on a wider scale?
Dr. Dass: When we think to e-connect patients with their providers, share their medical and other data and provide care i.e. anytime, anywhere; we get surrounded with questions of adoption, value, privacy & security, interoperability and standardisation. A lot of challenges remain because on one side, health care professionals are trying to make the world more healthful and connected through the use of technology, challenges are often a result of illogical or short-sighted business choices, not the technology challenges themselves.
When our approach will be sufficiently future focussed, interoperability and security implementations wouldn’t be cost consuming anymore. Cost to access vital data will drop, HIE will be easy, security concerns will be a few and we would be able to leverage technology more to solve some of the daily problems related to health systems, operations and delivery.
Ruchi Dass is CEO of HealthCursor Consulting based in India.
Tags: healthcare, IT security, mobile, mobile devices, mobile health, Mobile Security
Earlier this week, we explored the innumerable medical breakthroughs that could stem from mobile health innovations. Today, let’s consider the security considerations to enable this.
Security Must Be Paramount
Yet, considering how sensitive and valuable medical information is, proper precautions must be taken to secure this data before mobile health can become mainstream. For instance, if hackers or disloyal employees scan or manipulate health data that is sent via mobile applications, the consequences can range from embarrassment to, frankly, death. It’s easy to understand why ensuring these connections are secure is absolutely critical.
Mobile health, however, requires special VPN functionality. For instance, it requires both extremely high security and flexibility. After all, a healthcare application might use a potentially insecure public Wi-Fi network to communicate with the IT system of a hospital or a medical office. In order to maintain security in such a scenario, the VPN client must be able to automatically adapt to these security settings.
The same requirements apply to smartphones and tablets used by nurses in elderly or outpatient care. Such solutions relay patient information—from homes or hospitals—onto the central database, typically via a VPN connection. And so again, the VPN connection must be able to flexibly adapt to various network connections, given some of amount of unpredictability of the locations. Also, considering that many healthcare workers are not trained in technology, the VPNs must be easy to use, so convenience is not traded for security.
There’s no doubt mobile health offers innumerable opportunities to lower the cost of healthcare and infinitely improve efficiencies and convenience. The question is, can we ensure that this is done securely?
Tags: healthcare, healthcare IT, information security, IT security, mobile, mobile devices, Mobile Security, security
Healthcare IT News recently asked its readers about the healthcare data breaches that worries them the most. Not surprisingly, the vast majority (80 percent) of respondents said electronic data breach/hack, while only 13% worried about hardware theft, followed by 7% concerned about the theft or loss of paper records. This trend is warranted. For instance, a recent article in the Fort Worth Star Telegram highlighted the growing trend of doctors using smartphones, tablets to access medical data. According to the story, hospitals in North America spent $7.4 billion on electronic records in 2010 – and the 2009 stimulus act has earmarked $50 billion to help government and private healthcare providers offer EHRs over the next five years.
So what does this look like? Here’s an anecdote from the piece:
If a patient of Arlington physician Ignacio Nuñez shows up at the emergency room when the doctor is not at the hospital, he doesn’t have to wait long to start investigating what might be wrong.
The obstetrician/gynecologist can call up an expectant mother’s medical records on his iPhone, or even watch the fetus’s heartbeat on the device once the woman is connected to a hospital monitor, wherever he might be at the time.
According to AirStrip, the San Antonio software company that developed the app Nuñez uses, there is only a three- to five-second lag to get information to the physician’s mobile device. AirStrip also makes a version for cardiologists and has an upcoming version that will monitor other critical data in intensive care units and emergency rooms.
Groundbreaking, indeed. But what about from a security perspective? We’d like to hear from you if you work for a healthcare organization is using mobile devices this way.