Hospital CIOs, or at least some of the best hospital CIOs, seem to get it. The others need to get on the ball, fast.
"If you don't have mobility in your strategy, then you don't have a strategy," Susan Heichert, senior VP and CIO at Allina Health System, a 10-hospital system based in Minneapolis, said at the 2012 Healthcare Information and Management Systems Society (HIMSS) conference in Las Vegas last week.
"I will tell you that mobile technology is where it's at," added Kay Hix, CIO and VP at Carilion Clinic in Roanoke, Va. Hix said her department is "gearing up from a privacy and security standpoint to support mobile technology."
That's great news for mobility, except that Heichert and Hix represent organizations far ahead of the national average in terms of IT adoption. Four Allina hospitals have achieved Stage 6 on the HIMSS Analytics EMR Adoption Model, as have four Carilion hospitals.
Heichert and Hix made their comments during a HIMSS press conference, where the trade group released the first set of results from its 23rd annual survey of senior health IT executives, namely CIOs and IS directors. Let's just say the two CIOs would not have been invited if they had been stragglers in terms of IT adoption.
Still, mobility seems to be on the minds of more than just the most advanced health IT shops. According to the survey, mobility and mobile devices moved up to the No. 2 spot this year among the primary IT infrastructure focus of the 302 IT leaders queried, named by 18 percent of respondents. Only servers and virtual servers polled higher, at 19 percent. Notably, mobile devices jumped from 12 percent a year ago, passing both desktops/virtual desktops and security systems to take second place.
Federal officials apparently were listening. The Stage 2 proposal for "meaningful use" of electronic health records, introduced last Wednesday morning at HIMSS12, officially released Thursday and due to be published in the Federal Register March 7, triggering a 60-day public comment period, calls on healthcare organizations to encrypt data on any mobile or portable device that retains patient information after clinical encounters. That includes laptops, tablets, smartphones and easy-to-lose USB drives.
"We proposed that there be default encryption of data on end-user devices, unless no data is kept after the session is ended on that end-user device," national health IT coordinator Dr. Farzad Mostashari explained during a HIMSS session that drew an overflow audience.
It shouldn't have to take a formal federal regulation to get the message across – or maybe existing regulation like the HIPAA privacy and security rules should do the trick – but it's about time people start realizing that personally identifiable health information is valuable to hackers and vulnerable to loss and theft. If you can, don't store patient data on mobile devices. If you must, make sure the information is encrypted. Period.
The fact that the meaningful use Stage 2 proposal addresses mobility suggests that mobile is not a fad. It will be an integral part of health IT going forward, and not a separate concern. Let's repeat Heichert's words: "If you don't have mobility in your strategy, then you don't have a strategy."
MobiHealthNews’ coverage of HIMSS12 is brought to you by IQMax.