Going Mobile? Embrace the Cloud for Improved Security

Recently, an unencrypted laptop containing medical information on pediatric patients was stolen from a badge-access controlled area of a large academic medical center. The laptop contained information on about 13,000 patients, including their names, ages, medical record numbers, surgical procedures and the names of the physicians involved in their care.

This is just one example of how information on mobile devices can be easily compromised – and one example of what is becoming a troubling trend in healthcare. Of the 138 data breaches involving 500 or more patient records currently listed on the Health and Human Services site, nearly 30 percent involved mobile technologies, such as laptops or other mobile electronic devices – and theft is by far the most common type of security breach.

The security risks, however, could become even worse as mobile computing in healthcare becomes more prevalent. Results from the 2nd Annual HIMSS Mobile Technology Survey released late last year indicate that mHealth is already a popular option. The survey found that 93 percent of physicians participating in the study use mobile health technology in their day-to-day activities, and 80 percent use it to provide patient care. Nearly one in four have electronic health record (EHR) systems that capture clinical information from mobile devices, and 36 percent allow patients to access information and health records using a mobile device.

And, mHealth is likely to become even more common. A recent survey from Black Book Rankings identified a “meteoric trend” toward mobile EHR applications – especially for iPad apps. According to the survey, 83 percent of physicians indicated they would immediately use mobile EHR functions to update patient charts, check labs and order medications if available. As such, the mobile application market is expected to grow 500 percent by the end of 2014, Black Book officials said.

Patient demand is also driving mHealth growth. More than one-third of respondents to a recent Harris Interactive/HealthDay poll said they were "very" or "extremely" interested in using smartphones or tablets to ask their doctors questions, make appointments or get medical test results. In addition, about the same number of consumers wanted to use mobile phone and tablets for actual healthcare services, such as monitoring blood pressure or blood sugar, or even getting a diagnosis, according to the poll results, which were based on an online survey of 2,050 Americans aged 18 and older.

With the interest in mobile computing mounting, healthcare leaders need solutions that enable mobility and access, while at the same time, ensuring the upmost security. Karl Strohmeyer, group vice president of North America Enterprise at Level 3 Communications in Broomfield, Colo., suggests that healthcare organizations can allow clinicians to securely leverage mobile devices if they just let the data live in the cloud. In fact, network and cloud service providers deliver a comprehensive set of services to ensure the privacy of patient data.

“Cloud computing is not only less expensive and easier to administer, it is much safer than other methods being used today,” Strohmeyer says, as he dismantles the commonly held assumption that cloud computing is a security risk. “Currently, the use of passwords and data encryption technologies, as well as setting limits on the amount of data that can be stored on mobile devices are the most popular methods. However, the cloud easily exceeds the security and data capacity these methods can provide.” 

“Indeed, when personal health information is stored on physical devices, the data is extremely vulnerable – as the devices can be picked up and stolen or lost at any time. When data is stored in the cloud behind encryption, it is much less likely to fall into the wrong hands,” Strohmeyer says.

While privacy and security are often among the concerns that healthcare providers express when discussing cloud-based models, cloud providers typically offer more robust security than what provider organizations could come up with on their own. Just as healthcare organizations’ core competencies are to provide quality care, cloud companies must have highly sophisticated security protocols that secure data. This is the lifeblood of their business. Because network and cloud service vendors can offer this high level of security, healthcare organizations can rest easy and concentrate on leveraging mobile technology to improve care delivery.

Indeed, contrary to some commonly held perceptions, research released by Microsoft Corp. shows that small and midsize businesses (SMBs) can gain significant IT security benefits from using the cloud. The study shows that 35 percent of U.S. companies surveyed have experienced noticeably higher levels of security since moving to the cloud.

“The cloud doesn’t just provide cost and convenience benefits,” Strohmeyer says. “The cloud offers the ability to secure vulnerable information that is often stored on mobile devices. That way, if a doctor’s tablet is swiped off a desk, the only loss is the instrument – not sensitive personal health information.”

The Healthcare ecosystem is in the midst of a massive evolution. As patients demand access to their records and care givers want to be enabled through mobile tools and technologies, mHealth is truly inevitable, and thus, to remain secure, so is the cloud.