Dear All:
I have just submitted the following to the ONC website as part of their solicitation regarding input on ways to secure health data on Mobile Devices. http://www.ihealthbeat.org/articles/2012/3/7/onc-seeking-input-on-ways-to-secure-health-data-on-mobile-devices.aspx
***************************************************************************************************
David Finn, CISA, CISM, CRISC
Health IT Officer, Symantec Corp.
(Former Healthcare CIO)
In my experience, caregivers are among the most creative users of technology around. They will figure out what they need to do in order to provide care to a patient and get their job done - - and in the end are much smarter than PCs, phones, jump drives or even medical devices. Mobile solutions, because they tend to be driven as much by consumerization as by enterprise technologies, are easier for end-users to use and less capable of being acquired, distributed, controlled and managed by a single, central IT group. Also, the trend toward mobility has made it clear that healthcare is about the data - - not devices, specific technologies, nor times, geographies, or events. It is about anytime, anywhere, any device.
Managing mobile solutions, from a best practice perspective,must be addressed across five major areas: 1) Enterprise Activation; 2) Policy Management; 3) Centralized Management; 4) Enterprise Integration, and; 5) Mobile Strategy. Enterprise in this case, is not a measure of size but of the data custodian.
At a deeper level but without going into too much detail: (See the attached file)