Smartphone bans: Does your hospital need a policy?
An intriguing editorial in the Canadian Medical Association Journal last week got me thinking. The authors pleaded with the Canadian national health system to abandon its ban on smartphones in hospitals.
I was both surprised, and a bit amused, to stumble across such an antiquated policy; one that most U.S. hospitals abandoned five years ago or more. But as I talked with industry experts, I started to wonder: Have U.S. healthcare facilities gone too far to the other extreme by allowing a Wild West attitude to take over? Currently, it feels like physicians and patients alike consider themselves entitled to use their mobile devices anytime, anywhere.
Consider this: Some hospitals report that their patients are texting during clinical procedures, Peter Waegemann, president of the mHealth Initiative, tells FierceMobileHealthcare.
The truth is that few, if any, hospitals have retained the earlier blanket bans on cell phones. Concerns over electromagnetic interference generally have gone by the wayside. Once those were lifted, smartphone/tablet use exploded.
"I haven't heard of any of our clients expressing any issues with smartphones," says Brian Baker, an IT consultant with Brentwood, Tenn.-based Regents Health Resources. "Everyone is so mobile these days. Everyone is virtual in some way or another. I haven't experienced any [hospitals] that have pushed back on smartphones."
Still, because smartphone/mobile use has been somewhat unchecked, many hospital CIOs find themselves playing catch up, particularly with physicians such devices (and the health apps that accompany them) at an exponential rate. They're also often two to three steps behind mobile developers who are coming out with hundreds of new health apps per month, Waegemann notes.
We talked with Edna Boone, senior director for mobile initiatives with HIMSS, about some of those challenges. She believes that hospital CIOs already have the tools they need to manage smartphone use--network security protocols, wireless policies, etc.--but were "caught off guard" by the speed with which physicians took up smartphones. "Seventy-two percent of U.S. physicians have smartphones, and that's expected to be 80 percent by next year," Boone tells FierceMobileHealthcare. "I'm not quite sure [CIOs] were prepared for that kind of rapid adoption."
Some industry watchers say hospitals shouldn't ratchet down on mobile use in any way. They warn that stricter security policies or other controls could stifle mobile use among clinicians, and irritate patients. And Waegemann admits he has spoken with patients who've actually chosen a hospital because it had progressive mobile policies, meaning they could text with loved ones directly after surgery, or receive hour-by-hour email updates on a procedure's progress.
Still, Waegemann believes, the time surely has come for hospitals to at least know when, how often, and to what purpose mobile devices are being used within their walls. As a first step, he suggests that CIOs should do some data-gathering and conduct a quick, but thorough, survey of mobile use within their facilities. Of particularly importance is to determine which apps physicians are using, and for what purposes.
Once they've identified those factors, Waegemann suggests that hospitals can create policies to manage the devices and apps they want to allow on their grounds. Boone, for her part, recommends that CIOs address a few specific issues when it comes to mobile security, including:
- Installation of a standard two-layer user authentication system on mobile devices;
- Encryption of data as it is transmitted to mobile phones;
- The requirement that mobile devices to be registered or have a digital certificate before they can access the hospital's network;
- Limiting the retention of protected data on the device, such as 48 to 72 hours before data will self-destruct.
Security policies needn't be draconian, banning mobile communication, or strictly controlling its use. Waegemann instead recommends "managing by exception"; essentially, creating specific policies for when a smartphone may not be used, such as during procedures.
Maryland's Meritus Medical Center did just that in its maternity department, prohibiting photos or videos of the birth process, and of newborns until they are five minutes old. Hospital officials told ABC World News that they wanted to give physicians a chance to complete the APGAR test and to determine that the infant was healthy. One interesting note: Malpractice attorneys told ABC reporters it was a defensive move by the hospital to prevent new mothers from using video or photo evidence in a malpractice lawsuit.
Another medical center, Monongahela Valley Hospital, started with internal prohibitions on mobile phones among its own executives. Their policy, instituted two years ago, forbids execs from using smartphones during meetings. The punishment: Having to do the chicken dance in front of their colleagues. Needless to say, it has been a surprisingly effective policy.
Waegemann recommends a blanket ban on taking any photos or video on hospital grounds unless it is part of a medical procedure. The security risks, such as someone inadvertently or purposefully taking a patient's picture in the hospital and posting it online, are clear.
From there, he says, hospitals can move on to specifics like determining approved communications protocols, how long patient information can be stored on smartphones (if at all), and how to handle wireless security on the multitude of different platforms.
Then you can decide who, if anyone, needs to do the chicken dance. - Sara