In my last blog, What is Driving the Use of Risky Workarounds in Healthcare?, I explored the reasons why frontline healthcare workers are using workarounds that are out of compliance with policy, drive increased privacy and security risk, and can result in compromises to the confidentiality (breach) and integrity of patient records. An example of a workaround could be a healthcare worker taking a photo of a patient on a personal device and emailing this using their personal email to a co-worker.
A global survey of frontline healthcare workers completed January 2013 by HIMSS and Intel, with 674 respondents, reveals that more than half of respondents use workarounds either every day, or sometimes. In this blog we look at what types of tools healthcare workers are using for workarounds.
In this survey, we asked frontline healthcare workers globally what types of workarounds help deliver better care more quickly. Here’s what they said:
59 percent indicated they use personal smartphones for workarounds, 50 percent personal tablets, and 39 percent personal laptops
Text messaging was used by 40 percent of respondents
Personal email is being used by 32 percent of healthcare workers in workarounds that help them get their job done
21 percent of respondents indicated they are reverting to paper based workarounds where technology solutions or security get in the way
Many other respondents indicated personal apps (20%), personal USB keys (19%), photos using personal devices (17%), social media (12%), video using personal devices (8%) and several other types of workarounds
So what should you do about this? A proactive approach to enabling BYOD (Bring Your Own Device) is recommended, enabling the use of personal devices in ways that are in compliance with privacy and security. However, these results clearly show that personal devices may also be used in workarounds that are not compliant with privacy and security policy and drive significant additional risk of security incidents such as breaches.
Healthcare organizations are encouraged to explicitly treat the use of workarounds in their policy, procedures, and risk assessments. For the highest priority risks that need to be mitigated, this information on what types of workarounds are being used by healthcare workers is critical to make informed decisions on what types of safeguards to use to mitigate the associated risks. Some of these safeguards may be technical or physical. Effective training is also an increasingly important administrative safeguard to mitigate risks of workarounds, and is sure to grow further in importance as healthcare workers are increasingly being empowered by BYOD, social media, and many powerful new tools.
What types of workarounds do you see in your healthcare organization?
Stay tuned for more information in my weekly blog series. Next week we’ll start to take a look at further results from the survey that measure healthcare worker awareness of risks and why they use workarounds anyway.
We’ll be releasing these survey results in a whitepaper at a workshop at HIMSS 2013 on March 6. If you will be in New Orleans, join us for the workshop panel to explore this concept further. RSVP and reserve your spot.