How Do You Use Smart Phones at Work?
Smart phones are the norm and fully integrated in our society today. In fact, it has been estimated by Pew Internet
, that 53% of adults have them. Many of the most popular applications on smart phones are related in some form to healthcare. The most frequently used healthcare applications pertain to dieting, exercise, stress/relaxation, chronic conditions and smoking cessation. It's not surprising to learn that 52% of smart phone users seek health information especially after a health crisis. As well, women age 30-64 use smart phones for health text alerts. And it's not only the general public using a smart phone in their daily lives; it's also clinicians.
Research by CompTIA, showed that 81% of MDs use smart phones. And Manhattan Research estimated that 62% of MDs use tablets. Spyglass Consulting Group found that 62% of hospital nurses said they use their smart phones for personal and clinical communications while on the job.
So, what exactly are clinicians using smart phones for? Upon walking the hospital, I've found that smart phones are often used by clinicians to:
- Document patient visits
- Manage clinical workflows
- Conduct research on technical and clinical issues
- Receive alerts on patient's conditions
- Interactive grand rounds - access to x-rays, medication profiles, laboratory data
- Order prescriptions in CPOE
While this is a great advancement and a huge leap from static paper charts and outdated time-consuming inefficient workflows of the not so recent past, there are threats and vulnerabilities when using smart phones.
Lack of confidentiality is one of the greatest threats, as transmitted and stored data needs to be secure. This is of the utmost importance so confidential healthcare data cannot be read by an unauthorized party. Patients and providers do not want an unauthorized party to know about a recent hospital stay or outcome of a sensitive procedure or diagnosis. The integrity of data must also be examined, as it is crucial to detect unintentional and even intentional changes to transmitted and stored data.
For example, there needs to be a way to track and locate any malicious or mischievous addition/deletion of healthcare information. Availability of data must also be examined. This ensures users can access resources whenever needed and do so in a secure way.
Although smart phones are open to threats, they are definitely here to stay in healthcare. So, I cannot help to wonder how nurse informatics can assist with safeguarding the healthcare data utilized by smart phones. Perhaps, much of it has to do with creating the organizational policies/procedures related to smart phones and mobile devices. However, I think it also depends on education we can provide to staff. When rounding in the hospital, I often see clinicians texting and emailing at the bedside. I am often struck by how many clinicians do not fully understand the risks and ramifications of using smart phones inappropriately. So below are a few items I often educate clinicians on:
- Provide physical security controls to decrease the chance of a smart phone being stolen or lost. Lock it up when not in use; know where it is while working with a patient. Don't be careless and leave it unintended, as it may store private healthcare data.
- Do not connect to an external network while using your employer-owned smart phone. Assume that external networks are untrusted allowing for ease dropping of data.
- Do not use applications created by unknown parties, as these cannot be trusted and may contain malicious software.
- Do not attach an organizationally owned mobile device to a personal laptop and vice versa. Data from your employer-owned device should not be downloaded onto a personal computer.
- Turn off GPS services on mobile devices to decrease the risk of targeted security attacks.
- Be aware that your hospital may restrict installed applications on a hospital-owned device.
- Your employer-owned device may have user and device authentication which requires dual authentication: 1) into the device, and 2) before accessing organization resources. This is an added security feature aimed at preventing unauthorized use of your device.
- Attend to the patient first, not your mobile device. After all, your first priority is your patient, not your smart phone.
Let's continue the conversation...
Are you allowed to use a personal smart phone at work? For what and when? If you are provided an employer-owned device, what do you use it for?
What is the policy at your work that pertains to the use of smart phones? What are the ramifications if it is misused?
What safeguards are in place at your work to safeguard the use of healthcare data while utilizing a mobile device or smart phone?
How do you think smart phones can properly be used by clinicians?