BYOD: Implications for Healthcare

Bring-Your-Own-Device (BYOD) as a concept, where employees use their personal devices for official work, is catching on in workplaces around the world in several sectors. I believe there is great potential for the healthcare industry as well to reap the benefits of this trend. Undoubtedly, there are apprehensions about and challenges to the large-scale adoption of BYOD in the healthcare space. However, none of these are insurmountable and I think that in a few years’ time, BYOD may well be the norm rather than the exception.

Mobile healthcare is a key driver
The global mobile healthcare (mHealth) market will grow at an astonishing rate over the next few years, according to Transparency Market Research, hitting US$10.2 billion by 2018, an almost eight-fold increase over its 2012 value of US$1.3 billion.

Rising in tandem with this burgeoning trend is BYOD, a culture which is rapidly gaining traction worldwide. Hardly surprising, since BI Intelligence reports 1.4 billion smartphone users in 2013, or 22 per cent of the world’s population, up from just 5 per cent in 2009. Tablets, at six per cent global penetration currently, are growing at an even faster rate.

As hospitals and healthcare companies ride the massive mHealth wave to efficiency, they will inevitably need to address the increasing demand for BYOD from employees who feel that using their own personal devices allows them to be more productive due to the flexibility to work wherever and whenever they want.

Benefits of BYOD
In fact, its adoption into the organisation is to be encouraged. A study by Napier Healthcare found that many clinical services like patient portals, medication management, remote monitoring, registration and scheduling are some of the lowest hanging fruit when it comes to leveraging the power of mobility.

Each of these services offer high reward with low implementation complexity, and all of them can easily be leveraged with personal devices and a prudent BYOD policy. Better still, the accrued benefits are immediately seen from the perspective of both productivity and cost.

1) Higher Personal Productivity: At the simplest level, because a personal smart device like the iPhone and Android is always on hand, allowing these devices will enable employees to have faster access to their emails and calendars, enabling them to plan their schedules more quickly.

2) Higher Business Productivity: More than just allowing these devices within the work environment, proactively equipping them with medical applications can be a significant boost to productivity in managing Patient’s health. With ubiquitous access to relevant information, Doctors, administrators and medical staff can be equally efficient no matter where they are. The removal of physical boundaries will result in a higher level of patient care.

3) Lower Operational Costs: From a practical standpoint, BYOD also means reduced costs to the hospitals. It is a win-win situation because employees want to use their own preferred computing devices, and are willing to spend money to own them. Businesses will not need to cater to the full ownership costs and can offer partial subsidies for approved equipment. Hospitals and clinics will also reap savings from minimal training since employees are already familiar with the operation of their devices.

Caveats to BYOD adoption and potential solutions
However, there are a few caveats that must be addressed even as BYOD adoption accelerates. According to Gartner, three of the most critical issues are corporate governance, mobility management and security. Inadequate focus on these imperatives can only lead to BYOD implementation failure.

In particular, the privacy of patient information is paramount and non-negotiable.

1) Device Security: Having access to such information through personal devices means extra measures must be taken to prevent unauthorised access. Device security, in terms of encryption and access controls, is critical. However, whilst it is critical to deploy tighter security to prevent unauthorised and malicious intent in providing access to medical records from outside, these measures must not be so onerous as to defeat the purpose of flexibility and ease of use. Some hospitals allow read-only access for medical records from outside the office but the read-write access is available only when the device is within the premises.

2) Network Security: Data security is imperative as data is transmitted through the public network. Virtual private networks, for one, can work wonders in this case. Two-factor authentication adds an even stronger layer of security and it can also be used where needed. In the US, stringent regulation ensure that records are transmitted only in the secure communication mode coupled with data encryption.

3) Infection Control: Finally, unique to the hospital environment is the issue of infection control. Equipment must be properly sterilized, particularly in high risk areas – This means ruggedization of devices to adapt to the usage and practices in the clinical environment. Whichever system is chosen, the solution must be compliant with the Health Insurance Portability and Accountability Act (HIPAA). The HIPAA Security Rule requires that healthcare providers set up physical, administrative and technical safeguards to protect the electronic health information with safety measures such as access control to the information and encryption of the stored information.

To conclude, hospitals must adopt BYOD in conjunction with specific business initiatives. Despite challenges of integrating “unofficial” hardware into the hospital ecosystem, avoiding BYOD is not an option, given the many positive benefits that accrue. Yet it must be approached with proper care. By purposefully introducing key technologies for ensuring security, privacy, data integrity and ruggedization, many of the challenges can be mitigated or even removed. More importantly, the enormous benefits for healthcare operators in terms of cost reduction, greater operational efficiencies and enhanced patient care can be realized.

-By Karthik Tirupathi
The author is the CEO of Napier Healthcare, a healthcare IT firm on a journey of transformation in an industry constantly undergoing revolution.