- Organizations still struggle to deploy an advanced healthcare mobile strategy to meet development and usage needs while remaining HIPAA compliant.
Entities need to give clinicians and users what they want out of a mobile environment while ensuring all devices and apps are secure and that mobility is used to improve workflows.
Organizations seek methodology in their mobile strategies, and also want a platform that lets them consistently build apps that speak to their mobile strategy and compliance needs, Red Hat Director of Healthcare Craig Klein told HITInfrastructure.com.
“Entities need platforms to build on,” Klein stated. “They need something that they don’t need to think about; a platform that is automatically integrated into the back end that they can develop on time and time again.”
Health IT infrastructure is becoming more advanced, which results in organizations looking to utilize mobile devices to their best capacity. Klein explained that many healthcare mobile use cases involve using images to capture a patient’s current state.
“The clinician has a phone in their hand and wants to take a picture of a patient’s wound,” explained Klein. “To remain HIPAA compliant, the image cannot be stored on the device. The image needs to flow directly through the system and connect in the backend to the EHR system.”
“Using the properly built applications, clinicians now have the ability to get data that has never been able to be captured quickly and easily before.”
Healthcare mobile strategies need to include remote monitoring and applications that can be used in patient homes for telemedicine programs. Organizations need to build apps that clinicians can easily and securely use on-premises and remotely.
HIPAA compliance is one of the biggest concerns healthcare organizations have when developing a mobile strategy.
“It's all about security,” Klein stated. “One thing that scares people in the healthcare community more than anything is security.”
“Things are opening up to be able to share information and data to improve the quality of care but also to comply with value-based care initiatives. This also opens things up for consumerization,” he continued. “Data is flowing everywhere and without control it gets scary.”
“The ability to have an intermediary tier between the healthcare provider, the mobile solutions, and the backend system is absolutely critically important,” Klein stressed. “That's how modern technologies allow organizations to secure their clinical data.”
“From a HIPAA perspective, not only is it secured from a pure security standpoint, but clinicians and administrators are to be able to take care of data in a different way.”
The middle tier allows organizations to avoid the common pitfall of designing an app that looks good from a user perspective on the front end but is a disaster on the back end. Advanced mobile development platforms work this way, and the middle tier plays a significant role in ensuring the applications and devices remain HIPAA compliant.
“The decision-making process and tying it into the back end are things that aren’t always thought about,” said Klein. “There are organizations that are disorganized. Their apps may look pretty, but none of them tie together.”
“The most important thing to make mobile work in healthcare is tying everything together in the backend,” he continued. “The pretty interface on the front end is the easy part. Organizations are going after it backwards because it was always an added tool but now it's a critical piece to have.”
Not considering how the legacy technology will work with the new technology being introduced is another big mistake organizations make when developing a mobile strategy with advanced features.
“Organizations may have this great cloud technology but unfortunately none of the existing legacy tools work,” Klein explained. “The organization basically has to throw everything out and start all over again and which just isn’t realistic.”
“Entities need to have a hybrid solution that allows them to keep using some of their legacy solutions as they move their environment,” he continued. “This allows organizations to migrate what existing programs or applications they want to write. “
“Organizations need to be able to use a combination of new and legacy tools to manage it all and then have a plan to migrate some of that older technology over time to the newer things.”
It’s important that organizations figure out how they want to transform their mobile strategy before any building or migration takes place.
Klein maintained that it can’t just be an “either/or” because it takes too long and it’s too disruptive to everyday workflow when organizations can’t use their new or legacy technology.
“A lot of the applications will either only run on site or only run in the cloud,” Klein explained. “Some organizations may want to run some applications in the cloud and some applications on site and want to be able to manage both. It's really important to be able to have that flexibility.”
“No matter how entities decide they want to run their applications, they need to build flexibility into the system and not lock themselves into one technology,” he continued. “It needs to be open so they can take advantage of what they have and move it over time.”
“There's a lot of holes within the medical record systems. Those holes can be filled with technology that can be done from a mobile perspective,” Klein concluded.
Many healthcare organizations are plagued with data technology that hinders them from developing a fully functional mobile strategy. Healthcare organizations need to examine their environment and figure out how to modernize it effectively and make sure it’s flexible. Entities need to look at technologies that are truly flexible and will not lock them in.