In the news, more and more reports on Docs using their mobile devices are springing up. This could be good or bad news depending on your attitude towards privacy and your personal health information.

The Good

 It has long been a perception that the health care industry is living in the stone-age when it comes to adopting cutting edge technology and information services in the context of patient services, but with the HITECH Act, HIPAA Compliance regulations, and the pervasiveness of smartphones, this is changing quickly. 94% of docs are now using mobile phones, a 60% increase from a 2006 study performed by the Spyglass Consulting Group in Menlo Park, CA. Having such widespread adoption would lead one to believe that doctors now have the ability to be much more repsonsive to their patients and can get more done. Think again…

The Bad

The same study performed by Spyglass also found that 78% of the doctors in their sample reported issues communicating with their smartphones. This was in large part due to the lack of integration with other services they use (EHRs, Patient Management Systems, proprietary email clients, etc.) and/or the inability to receive mobile reception/services in a particular area or hospital.

While it seems there is more open adoption of technology within the health care industry, it is apparent that there is little convergence and integration occuring between the desktop/web application and the mobile worlds. Obviously, there is a lot of work going into integration between health care application platforms and clients (devices, desktops, etc.), but it is hard to see when true inter-connectivity will actually happen in the context the ONC would like to see it.

The Ugly

It is on your mind: “My information is on a device. That device can be lost or stolen. My information is not secure.” This is true, scary true. Mobile devices and smartphones are amazing utilities, but they also provide one of the scariest security holes for health care CIO’s and compliance officials. If a doctor leaves their device, by accident, in a coffee shop and it is not locked or secured in any way, that information is now public in the mind of a security expert.

According to Veterans Affairs, 37 smart phones were lost in the past two months (June/July) by employees. Smartphones that have thousands of emails on them with sensitive information. Compound these numbers by the number of docs using smartphones and we have a lot of sensitive information floating around.

There are some basic counter measures that help secure devices, e.g. lock-and-wipe, time-outs, password protection, but if we have learned anything about digital security, there is no such thing as total protection.

Another issue with mobile devices and smartphones is their reliability when sending patient data/information. For example, a doctor uses their smartphone to send a prescription to a pharmacy. How do we know it got there? Went to the right pharmacy? Or if it did not get there, where did it go? The reliable transmission of sensitive data over the network when using mobile devices is immature at best, especially when it is clear that inter-connectivity has not been addressed.

Summary

With the widespread adoption of technology in any area, there are always going to be security concerns. As the health care industry moves towards the ubiquitous adoption of mobile devices and the digital exchange of health information, we must realize there will be challenges and not to live in fear of them.

CIOs and Health IT experts will need to look into new solutions to create robust and reliable security policies that cover their network from end-to-end, even the hard to control and manage smartphones.

John Moore is a much smarter person than I, and his colleagues at Chilmark research know their stuff, and that is why I was so happy to see Mr. Moore discuss HIEs in his Health IT News Blog on August 4, 2010 (“HIEs in the Public Interest”, http://www.healthcareitnews.com/blog/hies-public-interest).

John, in greater eloquence than yours truly could deliver, openly discussed the problems with the haphazard way health information exchange is being approached within the healthcare industry. Yes, we know that there are large numbers of dollars dedicated to establish a free flowing, secure network of health information; and yes, there is a limited timeline. This is not an excuse to achieve interoperability the wrong way, but instead a call-to-action to do it right!

An interesting point in John’s blog is his comparison to private vs. public HIEs and how they are organized. It should not really be too surprising that private HIEs are more efficient and organized. The private sector’s main goal is optimization to increase margins without comprimising quality (hopefully). States don’t really have the same motivations, and typically they work with grants and funding allocated to special initiative programs thatmust be spent, not conserved. This is not a cheap shot at the state HIEs, just an observation of how projects are organized between the two sectors.

Mr. Moore goes on to make a great comparison to the Interstate System and Eisenhower’s vision for an interconnected nation, including a statement that like the Interstate Highway System, “it won’t be cheap”. The current amount of funding for public HIEs is half a billion dollars… that is not cheap!

I think that with the right plan in place, we can solve the connectivity problem in a cost-effective way with a reasonable timeline. Having said that, John is right, that a plan and vision will make HIEs a success and will become a “Symbol of Health”.

Let’s face it, Middleware is not sexy. It is the stuff that literally can be found in “the middle” or lying below the surface of what a general user of software technology experiences. CloudPrime, to many, is just that: a service that allows applications to communicate in a scalable, secure, and cost-effective way. Yep, that sounds like Middleware.

However, what is not typically available through Middleware services, is a portal; a window that allows a user or manager gain visibility into a system. CloudPrime is an exception to that rule and offers a very detailed (even sexy) interface that allows professionals to have better visibility into their messaging network.

CloudPrime’s messaging portal provides a variety of features for network managers and users alike, including:

- Simple, graphical interface for easier management

- File-level tracking

- Connector management

- Message network reporting

- Exception reporting

- Network message alerts

Whether you are a Healthcare Application Integrator, EHR Vendor, or Healthcare IT Professional, how you connect systems and manage the messaging infrastructure between them is extremely important, especially in the context of compliance.

The idea behind the CloudPrime portal is to give Health IT Managers and users more out of their Middleware, and expose as much information as possible, allowing these users make intelligent, well-informed decisions about how they connect systems.