Today, Greenway Medical Technologies announced the release of its PrimeMOBILE™ app for Android and iOS devices, poised to tap into the 83% of medical providers who use mobile technology and the 93% looking to get their hands on Apple or Android devices shortly. Greenway’s app works with PrimeSUITE® to provide remote access to electronic health records (EHRs) within a password-protected environment. (If you want to know more about PrimeMOBILE™, check out Greenway’s website that includes a basic iPhone demo).
Mobile devices already play a significant role in the lives of medical staff and make them a logical choice for demonstrating meaningful use and collecting Stage 2 and 3 incentives. Despite their obvious benefits, mobile devices offer unique challenges to EHR implementation: Administrators must find new ways to safeguard protected health information (PHI) or risk penalties from violating the Health Insurance Portability and Accountability Act (HIPAA). Apparently, ensuring a patient’s security is competing with primum non nocere as the chief concern of health providers.
The importance of protecting a patient’s EHR makes the third panel of the roundtable (“Real World Mobile Devices Privacy & Security Practices, Strategies and Technologies”) a must-see for those overseeing or implementing EHR systems. A panel of five experts answered questions and discussed their methods for dealing with mobile access to patient information. A general consensus emerged among the panel that mobile technology is more than capable of safeguarding PHI while demonstrating meaningful use of an EHR system if it is properly understood and managed.
The safe use of mobile technology depends on how successfully decision makers are able to understand three key features of mobile technology use in medical environments: how policy governs the use of mobile devices, how mobile devices access information, and where and how patient data is stored. As HIT Privacy and Security Specialist Adam Kehler notes, the use of mobile devices in medical settings must “start with policy” and be followed by enforcement. If policy has no teeth, then it has little effect on the behavior of employees. Among the most important policies, health providers need to ensure that EHR use is restricted to appropriate personnel and officially registered devices, this according to Adventist Health System’s Corporate Data Security Officer Sharon Finney. And administrators must not overlook any detail of the devices their employees are using. Micky Tripathi, President and CEO of MAeHC, urges administrators to be aware of how employees use information via mobile devices and place applicable safeguards (e.g., encryption) on staff hardware in the event that equipment containing locally-stored data is lost or stolen.
As next-generation phones and tablets continue to replace last-generation mobile devices, their role in health IT innovation and EHR implementation is becoming more and more prominent. How developers of EHR systems will use this technology to help medical organizations enable their employees and protect their patients remains to be seen.