Mobile device management (MDM) strategies for healthcare organizations

Photo by rawpixel.com from Pexels

The value of customer data is a top priority for any enterprise. Patient health information (PHI) carries higher security stakes, requiring mobile device management (MDM) and accompanying strategies to secure this high-value information and ensure patient privacy.

Mobile strategies for HIPAA compliance

When users access PHI using an unsecured device, they are violating the Health Insurance Portability and Accountability Act of 1996, better known as HIPAA, according to HIT Infrastructure. Such violations bring costly fines and lots of bad press.

Further complicating the issue, doctors and other professionals accessing the data may not even be employees of the hospital where they are providing patient care. IT must prepare for this BYOD scenario. Creating BYOD policies for healthcare organizations requires:

  • Defining cases for acceptable use
  • Detailing privacy and data ownership expectations
  • Approving devices and device provisioning
  • Crafting security policies for BYOD devices
  • Evaluating risks and liabilities

It’s possible to bring mobile devices into HIPAA compliance by developing an MDM or enterprise mobility management (EMM) strategy and implementing the appropriate security policies to secure PHI and institution-owned or BYOD devices. Achieving such compliance may require bringing in a third-party professional services firm that specializes in mobility compliance. You should also be working with your outside auditor at every step of your mobile device rollout.

HIPAA compliance also extends to texting, group chat and instant messaging within a healthcare enterprise. There’s a growing list of HIPAA-compliant messaging solutions that target healthcare enterprises. Client apps for these solutions are often available for:

  • Corporate-owned devices
  • Employee-owned devices
  • Corporate-owned PCs
  • Personal PCs

Physical working environment

The healthcare industry workforce is on their feet for eight to 12-hour shifts, with much of that time spent responding to immediate patient needs and emergencies. These working conditions make it easy to leave a mobile device on a counter or a table; the open nature of a hospital makes it easy for somebody to walk off with the device inconspicuously, never to be found.

Having MDM with geofencing, which uses a mobile device’s GPS to create a boundary that triggers a response when a user crosses it, can also protect PHI from leaving the healthcare facility. For example, you can set a policy that blocks access to hospital applications that contain PHI from all corporate and BYOD devices running an MDM client app as soon as the user leaves your facility with the device. When they return for their next shift, the geofencing solution restores their application access.

Wearables and connected devices

Wearables are becoming increasingly popular with consumers, and the healthcare field is finding ways to use wearables for patient monitoring outside the traditional healthcare setting. Healthcare providers may issue patients a wearable for use in monitoring a health issue. There are also patients who already own a wearable device that captures data that might help their doctor to further monitor their health condition.

Healthcare enterprises face many of the same challenges as a commercial enterprise when securing wearables, but they have the added need of strict HIPAA compliance. The amount of PHI data these wearables generate also prompts the need for strong data governance and an MDM strategy. Your data management policy will need to account for:

  • Patient data ownership
  • Privacy policy compliance
  • Cybersecurity protections over the data in transit and at rest

These challenges extend to medical devices such as insulin pumps, defibrillators, CPAP machines, cardiac monitoring devices and oxygen tanks equipped with IoT sensors for remote monitoring. These medical devices provide real-time information to caregivers and clinicians while enabling the patient to receive care at home. Sensors Online explains these devices face the following challenges:

  • Design: The design process for a remotely monitored device is different from those designed for in-hospital use and different from common IoT devices, such as telematics or security devices.
  • Certification: The often-underestimated wireless device certification process, which is separate from the FDA’s testing for all new wireless devices.
  • Collaboration: Connectivity challenges are posed from manufacturers all the way down to the people who manage these devices.

The OWASP Secure Medical Device Deployment Standard provides a guide and checklist for deploying these network-enabled devices. You can expect to see MDM vendors evolve their IoT security portfolios to secure these devices. Blockchain, the secure digital ledger, shows promise in helping secure medical devices, according to Network World, but it is an emerging security technology that is still suffering performance hurdles.

Mobile device management in healthcare organizations

The prognosis for implementing mobile device management in a healthcare enterprise is healthy if the healthcare institution’s IT staff works closely with their user community and outside auditors to implement HIPAA-compliant mobile solutions that empower clinicians and other healthcare professionals to serve their patients better.


This post originally appeared on Mobile Business Insights on January 11, 2018. The site is no longer in publication.


My name is Will Kelly. I’m a technical writer and content strategist based in the Washington, DC area. I’ve written for corporations and technology publications about such topics as cloud computing, DevOps, and enterprise mobility. Follow me on Twitter: @willkelly

Mobile apps for healthcare professionals: Current and future trends

Photo by rawpixel.com from Pexels

Mobile apps for healthcare professionals are becoming the norm in hospitals and medical practices around the country. After all, healthcare workers are the ultimate mobile workforce — they are desk-free and need tools for instantaneous collaboration and information retrieval. The global mobile health app market is projected to be valued at $28.32 billion in the year 2018. It’s expected to reach $102.35 billion by 2023, growing at a compounded annual growth rate of 29.3 percent during the period, according to Research and Markets.

Mobile apps in a healthcare environment promote secure collaboration and retrieval of patient health information (PHI) from anywhere in the hospital or practice. In the US, all healthcare mobile apps must be HIPAA compliant, so consumer app solutions don’t meet those security requirements. This gives rise to a new class of secure mobile apps for healthcare professionals.

The growing influence of mobile apps for healthcare professionals

The impact of mobile apps for healthcare professionals isn’t lost on the industry. The American Medical Association, American Heart Association, Healthcare Information and Management Systems Society and digital health nonprofit DHX Group are founders of the guideline-writing nonprofit called Xcertia, according to AMA Wire. The nonprofit calls for mobile app assessment in the following areas:

  • Operability for a reasonable user experience
  • Privacy over user information and PHI in full compliance with federal and state laws, rules and regulations
  • Security protecting the app from external threats
  • Accurate and current content in the app

Mobile apps are also having an impact on the home healthcare market, enabling patients to leave the hospital for home sooner. A home healthcare worker can use HIPAA-compliant secure messaging to communicate with colleagues. They can even retrieve a patient’s electronic health records (EHRs) securely using their smartphone or a cellular-equipped tablet. The more a home healthcare worker can do from the field, the more time they get to spend with patients. It’s the same use case you hear for field services workers such as cable technicians.

In general, healthcare professionals have many new mobile capabilities to look forward to in the coming years:

1. Unified mobile clinical communications

A unified communications solution is the standard communications and collaboration platform for many of us. Healthcare security requirements demand secure solutions, so it’s important to watch the unified mobile clinical communications trend, as reported by Healthcare IT News. Think of it as unified communications and workflow for healthcare professionals. The aim of this technology trend is to unify single-purpose apps under a single user interface, promoting staff efficiency.

2. Mobile video chat for telemedicine

As more health insurance companies and hospital conglomerates diversify into telemedicine, mobile apps will play a greater role. For example, a physician on-call for telemedicine duty can open a patient conference using their smartphone or tablet rather than having to sit at their PC. The quality of the experience will only improve with the advent of 5G and faster broadband.

3. Patient engagement

Because physicians, nurses and other medical professionals are always on the go, it’s important to employ tools to enhance patient engagement. Additionally, hospitals must track patient outcomes to stay compliant with the Affordable Care Act, according to Government Technology. There’s a new generation of mobile apps going live to provide performance metrics, address patient feedback, track possible trends and pinpoint workflow gaps. Envision a nursing supervisor being able to track departmental patient metrics or making a scheduling change using a smartphone app while they are walking the floor or even while at home between shifts. Furthermore, the handoff of such patient-engagement data is made easier during shift changes because supervisors and nurses all have access to the latest data.

4. Improved HIS access

With more powerful mobile devices, secure Wi-Fi, MDM and geofencing now in place, it opens up improved access to Health Information Systems (HIS). Healthcare professionals gain better access to EHRs through robust mobile apps with secure links to cloud back-end systems.

5. Improved scheduling from mobile devices

Hospitals are a walking, talking example of difficult scheduling, with employees working varying shifts that constantly change. There’s a growing class of mobile scheduling tools that enable nurses and other healthcare workers to enter in their shifts months in advance. These tools use algorithms to memorize their most common shifts, reducing schedule entry time in the future. Staff managers can also use the apps to communicate schedule changes to their team.

What’s next: AI and the future of healthcare mobile apps

The future of mobile health apps truly may be the deployment of artificial intelligence. The technology is already disrupting clinical workflows by offering healthcare professionals new decision-support tools. Think of a healthcare professional accessing an AI-powered mobile app to review a patient’s EHR or to research symptoms. As reported by MobiHealthNews, AI-driven mobile health certainly isn’t without its challenges, such as hospital infrastructure and patient privacy. And while AI could augment healthcare professionals, there are those that are concerned it could take away jobs.

The healthcare industry will have to deal with such challenges before AI becomes commonplace in healthcare mobile apps, but the trade-off is empowered professionals who are able to provide more efficient and integrated patient care with all the data they need right at their fingertips.

This post was originally published on Mobile Business Insights on March 26, 2018. The site is no longer in publication.

My name is Will Kelly. I’m a technical writer and content strategist based in the Washington, DC area. I’ve written for corporations and technology publications about such topics as cloud computing, DevOps, and enterprise mobility. Follow me on Twitter: @willkelly