With the emergence of personal mobile devices in healthcare organizations and the rise of bring your own device (BYOD) policies (a topic we've explored before), CIOs in healthcare are facing the challenge of balancing the usefulness of mobile apps with privacy, compliance, and security issues.
"The more you provide the ability to access information, you open security risks and privacy risks," Dr. Harry Greenspun, senior adviser at the Deloitte Center for Health Solutions, told us.
We spoke with Greenspun to get some insight on what CIOs need to think about when it comes to deploying mobile devices and health apps in the healthcare enterprise. According to Deloitte, healthcare is one of three areas (along with consumer products and financial services) that will lead mobile device growth over the next five years.
When implementing mobile technology, CIOs need to consider who the users are and what they're looking to achieve by using the technology, Greenspun said. "CIOs need to think about what will be useful within their enterprise and to the populations they serve and what's being demanded of them."
Another thing CIOs need to consider is whether the mobile apps they may be using or developing could be subject to regulation. CIOs need to think about whether a mobile health app constitutes a medical device. If it does, it could be subject to Food and Drug Administration regulation. Since these apps can do things like monitor nutrition and blood glucose, they're more likely than other types of apps to be subject to regulation, according to Greenspun.
"The more useful, the more integrated" an app is, "the more likely it is to be pushing against regulatory issues," he said. "As you move closer and closer to something that's tied into mainstream healthcare or the delivery of care or having a larger impact on your health, you tend to push closer and closer to regulatory aspects."
Monetizing mobile health is a challenge for the healthcare industry, so CIOs need to think about how mobile technology fits into a hospital's business model. For example, if devices enable remote health monitoring and lead to better health outcomes, doctors can benefit from additional reimbursement under the Affordable Care Act. "As we move toward accountable care and outcomes, if mobile devices provide help with better data sharing, better coordination of care, and better engagement of consumers, then you'll achieve better outcomes, and that will result in better reimbursement."
CIOs need a governance process to determine which mobile technologies might work for their organization, especially with the emergence of BYOD. "When one group says we need this for our patients, and the other says they need it for their staff, how do you evaluate that and make it work?"
As CIOs deal with the challenges of mobile health and how to implement new technology, they should receive a vote of confidence from their colleagues.
"People need to have a little compassion for the CIO," Greenspun said. "That role continues to evolve, and not only the range of responsibilities that CIOs have, but the much broader geographies and constituencies they have to consider now."
What do you think? Are you worried about regulations around mobile technology? How can healthcare CIOs use that technology to make their organization more efficient? How are you doing it? Comment below.