Day: September 20, 2014

Making mobile first in healthcare


Mobility poses risks in healthcare, especially when it comes to compliance. However, companies are embarking on “mobile-first” health IT strategies by focusing on web framework, management support, and mobile security training tailored to the healthcare user community. Kaiser Permanente and the Department of Defense Military Health Services are two examples pioneering mobile health.

Previous Mobility Hub blogs, such as Healthcare Needs Pervasive Mobile Policy and Healthcare BYOD Is Risky Business, point to many of the risks that mobility poses in healthcare, especially in the age of HIPAA. However, there are signs that a mobile-first health IT strategy is possible.

Large commercial and military healthcare providers are making strides in mobility. Kaiser Permanente has also been making headlines with its mobile-first approach to customer apps. The company extended its original and very robust web presence to mobile apps:
Both of these apps secure patient information using existing Kaiser Permanente membership information and enable appointment making, refilling prescriptions, and emailing Kaiser Permanente doctors.

Kaiser Permanente launched its latest mobile initiative earlier this year, and made a point to wrap its web and mobile security together. That could be reassuring for some skeptical customers. Details were covered in a press release:

Users’ personal health information is safe and secure while using the new app and the mobile-friendly kp.org, which employ the same security safeguards that protect patient information on the traditional kp.org website, including secure sign-on and automatic sign-out after a period of inactivity.

Part of Kaiser’s extension of web to mobile is an in-depth privacy statement that covers customer information and privacy both on the web and through its mobile apps.
Kaiser’s approach is a step above my own homegrown efforts to use my personal iPad and email to manage doctor appointments and communications. Recent write-ups show the number of Kaiser customers interacting with the company to be on the rise.

DOD requires innovation and balance
When I look for prime examples of mobile-first health IT strategies, I look to the United States Department of Defense, rather than a major urban hospital. A recent FederalNewsRadio.com guest editorial by Mark Goodge, the CTO of the Military Health Service, paints a picture of the challenges its mobile strategy faces trying to serve beneficiaries both on active duty and retired from service.

The DOD is regularly rolling out apps to help treat a variety of physical and mental ailments with the apps becoming a valuable extension of traditional medical care.

Healthcare organizations are in the business of healthcare — not IT, much less mobile devices. While the end-user community can be awfully smart, they aren’t tech people. This means that mobile security education needs to be ongoing and focused on the audience, which may have specific needs.

In the end, a mobile-first health IT strategy needs to have a customized mobile security education program as its foundation. Healthcare workers need to learn mobile security as it applies to their world, not from a stock mobile security class.

Mobile-first healthcare strategies face cultural, compliance, and industry challenges. It is a necessity to accommodate patients and a diverse healthcare workforce, however, so IT must take a holistic approach to mitigate the risks while improving doctor/patient communications and overall patient care.

Image by freeimages.com user: kikashi

This post was originally published on The Mobility Hub on January 25, 2013

Will Kelly is a technical writer and analyst based in the Washington, DC area. His writing experience also includes writing technology articles for CNET TechRepublic and other sites. Will’s technology interests include collaboration platforms, enterprise mobility, Bring Your Own Device (BYOD), project management applications, and big data.

Charting your enterprise data for BYOD security


Huddle, the collaboration platform vendor, has released its survey report, “State of the Enterprise Information Landscape,” which includes some interesting findings around information security and bring-your-own-device (BYOD). The report finds that 73 percent of office workers in the US and 61 percent in the UK are downloading personal software and apps on enterprise-owned tablets. Additionally, 52 percent of US workers (59 percent in the UK) use personal laptops, tablets, and smartphones to store and work on enterprise content.

The numbers in the report testify that enterprises need to focus on their “enterprise information landscapes” as part of their overall BYOD security strategies. Charting that landscape is another tool for locating your corporate data vulnerabilities through consumer file sharing and other cloud apps that open security gaps, thus exposing organizations to data loss.

Enterprise information includes proprietary and competitive information, such as internal business and financial documents, product development documentation, and policies and procedures. The information may reside on the enterprise network, in cloud storage, or in a collaboration platform workspace or document library, in both approved and unapproved locations, and any security issues that you might find need to be remediated. It is no longer enough to centralize corporate documents on an enterprise or cloud collaboration platform.
Enterprise mobility and BYOD in particular raise the security stakes for what was once a largely document-versioning exercise now that access to corporate information has become an anytime/anywhere option for employees.

Enterprise information charting tools

Tools for charting your enterprise information landscape include:

  • User education about corporate document security policies that gives users a chance to share their experiences and best-practices
  • Official feedback channel for mobile users to use when they encounter issues with corporate approved/mandated cloud storage and/or collaboration platforms
  • User logs from corporate approved/mandated cloud storage and/or collaboration platforms
  • Corporate document publishing processes
  • End-point security tools
  • Mobile device management (MDM) monitoring dashboards

Charting an enterprise information landscape is a cross-functional exercise that should include technical writers and other document authors, sales management and the sales team, remote workers who access your network via mobile devices, and internal staff who work with contractors and use mobile devices.

Once you chart your enterprise information landscape, the final deliverable doesn’t have to be a “chart” or even a divisive internal document. Your findings can feed the following:

  • Improved cloud storage and collaboration tools and processes if it’s found that users are working around clunky but corporate mandated tools
  • Revisions to BYOD policies and training
  • Changes to end-point and device security
  • Changes to document management processes and workflow

Charting your enterprise information landscape can be a one-time exercise when your organization goes BYOD, or an annual audit using your in-place security solutions and BYOD user outreach. It’s all about keeping your BYOD and corporate mobile users honest while IT gains better insights into how BYOD users interact with corporate information.

Does your organization chart its enterprise information landscape?

This post was originally posted on The Mobility Hub on February 7, 2014.

Image by freeimages.com user: gerard79

Will Kelly is a technical writer and analyst based in the Washington, DC area. His writing experience also includes writing technology articles for CNET TechRepublic and other sites. Will’s technology interests include collaboration platforms, enterprise mobility, Bring Your Own Device (BYOD), project management applications, and big data.