Mobile device usage is growing rapidly in the healthcare industry. Recent studies have shown that many surgeons and medical device sales reps are going mobile in their daily jobs to help improve their productivity.
Smartphones and tablets have enabled surgeons to easily capture and share patient images to improve overall care. Sharing complex cases with colleagues or resident surgeons had previously been done via email or phone conversations. The goals of sharing this information have remained the same — to educate on best practices and/or gain the insight and perspectives of peers.
What the mobile revolution has created is a new playing field, empowering surgeons to capture images of X-rays, MRIs and CT scans on their mobile devices and share these over a wider network online. No longer are surgeons confined to their own four walls inside the hospital. They can network, share, collaborate and facilitate – all from a handheld device.
Has this innovation opened up the Pandora’s Box of risk? Personal health information (PHI) is sacred in healthcare, which is why stringent regulations and compliance requirements exist to define what can and cannot be shared. Mobility has created holes in what has traditionally been considered a secure industry.
The costs associated with a breach of PHI are high. According to the Fourth Annual Benchmark Study on Patient Privacy & Data Security, healthcare employees are fueling breach risks with the increased use of their personal unsecured devices (smartphones, laptops and tablets). The vast majority of Business Associates—those that have access to PHI—are not yet in compliance with the HIPAA Final Rule. While the cost of a HIPAA breach can range from less than $10,000 to more than $1 million, the Ponemon study shows that the average cost for organizations represented in this year’s benchmark study is approximately $2 million over a two-year period.
And so we see this ongoing struggle, between surgeons who are adamant about being able to use their mobile devices thanks to the significant productivity gains and IT and Risk officers who need to ensure that their hospitals aren’t at risk of hefty fines. But there can be a meeting of the minds. IT and Risk can continue to learn about how their employees are using their personal devices while continuing to educate on the potential security risks and how to avoid them.
As a provider of a medical image sharing and collaboration platform for surgeons and medical device companies, you can imagine how seriously we take HIPAA compliance and PHI regulations. Our system ensures hospitals and medical device companies are safe from risk. If you are considering a communication or image collaboration system, here are five things to make sure you know:
- Are members 100-percent verified to be who they say they are? There are various ways to go about this if the vendor is willing to take this on. Our private communities are 100-percent verified. There is no question that you know the person with which you are communicating.
- Does the system provide native, easy-to-use tools to destroy PHI without leaving a trace on the mobile device? It is also a good idea to ensure that the platform is HIPAA compliant even if PHI is not allowed. (We are.)
- Does the system offer human filtering to prevent PHI from inadvertently entering the system? This can be time consuming and expensive. In our private communities, we go above and beyond, allowing the community owner to assign live moderation and screening. Or, our trained team can provide that service.
- Does the system offer full audit capabilities in the event PHI does sneak into the system? While we believe our system to be bulletproof, in the event that PHI somehow slips past the goalie, we have built-in audit and reporting tools.
- Is it widely available and easy to use? Even the most secure and risk-free tool for sharing medical images will fail if the user experience is poor. It must be easy and fast, and the platform must be a breeze to obtain.
If you’d like to learn more about our medical image sharing and collaboration platform and how HIPAA compliance plays into our technology at eRounds, we’d love to hear from you.