In a recent article, “Guide to Health IT Trends for VARs and MSPs.”, Mike Monocello, Chief Editor of Business Solutions magazine suggests that Large healthcare systems are much more likely to have an existing IT staff in place and are already well down the path in their IT upgrades and migrations. However, “Small regional hospitals and physician practices, on the other hand, often don’t have an IT staff and are feeling pressure to understand and navigate what can be a confusing healthcare IT landscape,” he says. Here are the 3 key areas of concern for most smaller providers.
Accessing Patient Records via Mobile Devices
As the healthcare market around the world attempts to comply with a barrage of requirements, it requires a significant shift in the habits and workflows of healthcare providers. Mobile devices can ease this transition by giving providers immediate access to patient information and shortening the data capture process. Managing mobile devices can present a huge challenge for the healthcare provider. Hospitals, for example, have lots of rooms, closets, and other areas where mobile devices can easily be misplaced, presenting both productivity and security concerns. These threats are further heightened if a device is stolen. For these reasons, mobile device management (MDM) solutions are an invaluable tool. MDM is a building block that enables your IT MSP to track, wipe, or push settings to mobile devices. It is important to keep in mind, however, that while MDM is the foundation of a strong mobility management strategy, it is not a stand-alone solution for complete mobile computing and data protection, and it shouldn’t be a single-sell service. It needs to be part of the bigger managed services engagement.
Build a Secure Wireless Network
With the massive increase in mobile devices being adopted in healthcare, the role of the wireless network naturally becomes more important. If the network is not configured properly, for example, during high traffic periods some users will be dropped from the network while others will experience the equally irritating “hourglass” icon as the mobile device attempts to access the sliver of bandwidth available. In an environment where data is used to make important decisions, problems such as data bottlenecks, dropped connections, and mobile device freeze-ups are unacceptable. Setting up and configuring a secure, reliable, and seamless wireless network is not a trivial task. That’s why we recommend that you partner with a Managed Service Provider to build and manage your wifi network.
Virtualization and the Cloud
According to a 2014 study from the Ponemon Institute, the potential cost of breaches for the healthcare industry could be as much as $5.6 billion annually. Minimizing or even eliminating local data storage on PCs and mobile devices is one way to mitigate security threats. Additionally, using a centralized and controlled data backup location or multiple offsite certified data storage locations will also ensure better security as well as quicker data recovery times in the event of a local server failure. Within healthcare, the cloud is becoming the preferred environment to host virtualization technologies, run business applications, and store data — including PHI. When healthcare organizations attempt to “go to the cloud” on their own, there are a number of potential pitfalls including:
- Using public cloud services, which may have limited application integration – i.e. may not support your electronic health record (EHR) application
- Management functionality is limited and cannot be monitored remotely by a third-party provider
- Inadequate data encryption and other security protection.
- Failing to understand the cloud provider’s backup and disaster recovery (BDR) policies to ensure that data could be recovered in an acceptable time, following a local hardware failure.
- Data residency shortcomings. PHI that is stored and accessed in data centers outside of the country is a HIPAA violation. Although many public cloud providers do have U.S.-based cloud data centers that would correspond with U.S.-based healthcare providers, many of these same cloud providers may back up their servers to off-shore data centers, which is where the problem lies.
- Wireless access points. Without proper access controls in place, organizations are unable to control who has access to the data on their networks and what types of devices are attempting to access it.
In a healthcare environment where patient care needs, improved productivity, and HIPAA compliance must all be taken into consideration with every decision, partnering with the right IT Managed Services Provider (MSP) is an invaluable resources to your healthcare organizations. By focusing on PHI security needs of the smaller providers and bundling mobile, wireless, and cloud solutions with managed services, we can help you navigate the IT jungle and ease the healthcare providers’ worries.
Sleep better tonight, Contact Us today for a free Network & Risk Assessment.