One of my favourite topics is how organizations are overcoming the security challenges of supporting user devices on a closed network. Hospitals in particular are a great example because patient information is highly sensitive data.
At Ottawa Hospital, until recently, physicians who wanted to access information such as patient records or diagnostic images were tethered to a workstation, either in their office, at a nursing station or out on the units.
However, the past year or so has seen the gradual introduction of smartphones and tablets into the equation as physicians increasingly ask the hospital’s IS department to support these devices for mobile access.
So last year, Ottawa Hospital tried an experiment. They gave out iPads to 20 clinicians along with access to the electronic health records repository via Citrix. I was talking to Valerie Gamache, the deputy CIO at Ottawa Hospital, and she said it was so successful that she got “love e-mails” from the doctors.
That’s when the hospital realized just how big a game-changer the tablets were and immediately started developing a custom front-end viewer app for the iPad to pull together PACS images, EHR records and scanned documents.
The hospital has started using tablets in dozens of cases. One exciting use case has been that now when the health team meets to share patient information, they use their tablets to access patient files in real time. Doctors doing rounds can access information such as medication administration records, test results and doctors’ notes right at the patient’s bedside. Gamache says the experiment has been so well received that now the hospital is planning to add order entry capabilities for labs and DI.
The Ottawa Hospital program primarily involves corporate-owned tablets, but user-owned devices are being supported for limited functionality (e.g., e-mail, Internet, EHR access) if physicians request connection and follow security rules. MobileIron software is being used to manage security on the hospital’s mobile devices. The tablets are granted access to applications and data via Citrix, which is a secure server.