“We found that IT network priorities for all participating hospital systems were consistently focused around accommodating greater mobile and wireless connectivity to their networks,” said Jennifer Horowitz, senior director of research for HIMSS Analytics , an arm of Chicago-based Healthcare Information and Management Systems Society, in a news release. “Simultaneously, the IT leaders were also concerned with ensuring the security of patient data, particularly as they relate to the challenges associated with Bring Your Own Device environments.”
According to several participants, lack of IT control with BYOD is a major concern.
“Data is exchanged insecurely whether you like it or not,” regardless of the controls an organization puts in place, one participant said. Several said “users at their organization have found ways to 'jail break' the security controls put in place.”
Health information exchange is another challenge, most prominently in that HIEs “have not 'taken off.'”
The participants' hospitals had a combination of wired and wireless networks with which they are “fairly pleased” in that they are stable and “applications work effectively,” the report said. However, those networks were “at a tipping point” due to exponential growth of wireless devices.
“With the installation of wireless networks, employees have increased access to Web-based tools to complete their day-to-day tasks,” it said. “The challenge is regulating access to the Web so that employees are not accessing the Internet for personal reasons.”
Several participants said individuals in their organizations access Amazon, Facebook and Twitter at work. “Despite attempts to disable access to these websites through the hospital network, the participants noted that employees have quickly figured out to access these websites using the guest network.”
Another IT issue was data storage, particularly “an ever-increasing number of data intensive images,” the report said. But when asked what they thought about cloud-based solutions, several of these IT leaders “indicated that they were comfortable” with a private cloud hosted by their software vendor, but others would not put identifiable patient data in the cloud, including one who said, “you don't know where your data is when you put it in the cloud.” Another spoke of difficulties in finding a cloud vendor that would sign a business associates' agreement and without that, “there was no way we were going to do business with them.”
Follow Joseph Conn on Twitter: @MHJConn