Where to begin with this article. First and foremost, this author is correct that BYOD and HIPAA are a concern for healthcare IT departments. However, the remainder of the article has a very narrow view of healthcare especially in a large health system setting.
A recent KLAS survey of 105 CIOs , IT specialists, and physicians in the US, found that 70 percent used mobile devices to access their electronic health records, including customers of nearly every major EHR (Epic, Cerner, GE, Allscripts, Siemens, MEDITECH, and McKesson). The vast majority of organizations, 94 percent, were supporting Apple, with 49 percent and 44 percent supporting Android and Microsoft, respectively.
It is true that the majority of physicians are accessing clinical systems from their mobile devices but this is usually done via Citrix or Mobile application that doesn’t store any information locally. Even in the mobile application scenario the data is stored on a backend platform and synced upon initiating the app.
Most of the security solutions hospitals are adopting have potential negative effects on the effectiveness of the tools. For instance, if the hospital sets up a thin client so patient information is stored on a server and merely display on doctors’ devices, that means the doctor’s charts will fail if the network connection is compromised.
This excerpt is mind boggling at best. Please provide a clinical system in a large healthcare setting that stores information local to a device. All of the major EMRs systems referenced above are delivered via Citrix, Browser and Mobile App. If the network goes down on any of these solutions then it makes the EMR hard to access.
Based upon current road maps from the major EMR vendors there doesn’t appear to be plans to store data local to device which should address any HIPAA security concerns.