Enabling Software Technologies for Mobile Healthcare Solutions

Speaking at the 2012 AHIMA Convention and Exhibit, SoftServe's Russ Hertzberg, Vice President, Technology Solutions, shared some valuable insights on “Enabling Software Technologies for Mobile Healthcare Solutions”. Here is the presentation that Russ delivered at this important educational event.

Published in: Technology

Transcript

  • 1. Enabling Software Technologies for Mobile Healthcare Solutions
       September 15, 2012
       Russ Hertzberg, Vice President, Technology Solutions
  • 2. Agenda
      ▪ Security Services and Technologies
      ▪ Mobile Device Management
      ▪ Rich User Interface on Small Form Factor Mobile Devices
      ▪ Web Services; HL7; Performance Considerations
      ▪ Mini Case Study
      ▪ Conclusions; Q and A
  • 3. Security Services and Technologies
      ▪ The Compliance Domain:
          – Protected Health Information (PHI)
          – What PHI Exactly to Protect
      ▪ How to Protect It
      ▪ Tools, Techniques, Tips
  • 4. PHI is:
      ▪ Names
      ▪ All geographical identifiers smaller than a state
      ▪ Dates (other than year) directly related to an individual
      ▪ Phone numbers
      ▪ Fax numbers
      ▪ Email addresses
      ▪ Social Security numbers
      ▪ Medical record numbers
      ▪ Health insurance beneficiary numbers
      ▪ Account numbers
      ▪ Certificate/license numbers
      ▪ Vehicle identifiers and serial numbers, including license plate numbers
      ▪ Device identifiers and serial numbers
      ▪ Web Uniform Resource Locators (URLs)
      ▪ Internet Protocol (IP) address numbers
      ▪ Biometric identifiers, including finger, retinal and voice prints
      ▪ Full face photographic images and any comparable images
      ▪ Any other unique identifying number, characteristic, or code except the unique code assigned by the investigator to code the data
  • 5. What PHI to Protect…Abstract or Complex Cases
      ▪ “Any other unique identifying number, characteristic, or code except the unique code assigned by the investigator to code the data”
          – External application identifiers
          – Legacy application identifiers
          – Medical Device generated identifiers
          – Others?
      ▪ Better Safe than Sorry
  • 6. Known/Measured Breaches in Summary…2005-2011 (http://www.healthcarefinancenews.com/news/top-10-data-security-breaches-2012)
  • 7. How to Protect: Encryption
      ▪ http://en.wikipedia.org/wiki/Encryption
      ▪ In cryptography, encryption is the process of transforming information (referred to as plaintext) using an algorithm (called a cipher) to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key. The result of the process is encrypted information (in cryptography, referred to as ciphertext). The reverse process, i.e., to make the encrypted information readable again, is referred to as decryption (i.e., to make it unencrypted).
      ▪ HIPAA doesn't strictly require that PHI be encrypted "at rest" (aka on disk/storage), but unless you have a very good reason, it is highly recommended you do so.
  • 8. How to Protect: Encryption
      ▪ HIPAA and Encryption:
          – Notification for PHI Breach Without Encryption
          – No Notification With Encryption Used for Storage (at Rest) and Transmission (over Networks)
      ▪ Common Key Types (Algorithms):
          – RSA
          – AES
          – DES
          – 3DES
          – Others
      ▪ Key Types: Public/Private; Secret
  • 9. What to Protect (Physician Practice)
      ▪ Practice Management System
      ▪ Electronic Medical Records
      ▪ Claims Documents
      ▪ Scanned Images
      ▪ Email
  • 10. Encryption on Strategic Mobile Device Platforms
      ▪ Data At Rest iOS/Apple = Yes (Hardware)
      ▪ Data At Rest Android/Google = No (3rd party solutions or components)
      ▪ Data In Motion = Integration Services Often Required
      ▪ Developing Multi-Platform and Targeting In Motion?
          – Re-useable Tools and Components Can Save a Lot of Time and Meet The Complex Requirements
  • 11. Mobile Authentication
      ▪ Strong Passwords on Mobile Devices…Pain!
      ▪ Biometric….Promise (2D in next iOS Release??... 9/12/2012, AuthenTec Deal)
      ▪ Complexity…Larger Scale Identity Management Solutions such as OAuth 2.0
  • 12. Mobile Audit Considerations
      ▪ KPMG HIPAA Audits in 2012 on Behalf of HHS OCR (150 proposed to 115 as of summer 2012)
      ▪ The Mass General, Cignet, and UCLA Examples (Fines)
      ▪ Expected Focus:
          – Inadequate security of wireless networks
          – Lack of adequate updates to software and operating systems
          – Access log recordkeeping
          – Insufficient incident detection and response procedures
          – Inadequate user access controls and password management controls
          – Risk of theft or loss of mobile devices
          – Information access management, including role-based access
      ▪ Mobile Security Implementation or Remediation…Sooner or Later
  • 13. Mobile Device Management
      ▪ BYOD Will Not Go Away, But Markets Are Trending Towards Greater Organizational Funding
      ▪ A Combination Business and Personal Use Device…Common Practice
      ▪ How to Meet MDM Requirements:
          – Data Storage and Segregation
          – Lost Device
          – Remote cleaning
          – Access control
  • 14. Mobile Device Management
      ▪ Bifurcated Solution Marketplace:
          – Do it themselves ISVs
          – 3rd Party Solution Platforms
      ▪ Define Specific Use Cases
      ▪ Build a Matrix of Mobile Apps, MDM Use Cases, and Potential Solutions
      [Figure: matrix; labels as extracted: Local Data Cleanse, Block Access, Track Device, Disable Device; Practice Mgmt, EMR, Claims, Doc Images, Password Management; Simple Pswd Value, Maximum Password Age, Alphanumeric Value Required, Maximum # Failed Attempts, Enforce Min Length, Enforce Min # Complex Characters]
  • 15. Rich User Interface on Small Form Factor Mobile Devices
      ▪ Complex Patient Data and Small Screens
      ▪ Slower Wireless Networks
      ▪ Native Apps
      ▪ Mobile Web
      ▪ Hybrid Native and Mobile Web
  • 16. Rich User Interface on Small Form Factor Mobile Devices
      ▪ Persona Elaboration
      ▪ Simplified Use Cases
      ▪ HTML 5; Native App UI Objects
      ▪ 3rd Party Tools and Components
  • 17. Rich User Interface on Small Form Factor Mobile Devices
      ▪ Creative Solutions for Rich Healthcare Data:
          – Sparklines
          – Push Notification for Patient Monitoring
  • 18. Thinking About Web Services, HL7, and Performance
      ▪ HL7…An XML Based Standard for Exchanging Information Between Medical Applications
      ▪ The Good:
          – Standard Data Exchange over TCP/IP
          – EDI Like Formatting Allowed for Development of Successful Parsers
          – HL7 Standards for Many Healthcare Data Types
          – Great Resources for Healthcare IT
  • 19. The Case for JSON, Especially on Mobile
      ▪ Speed Over Networks
      ▪ Data Model Change Flexibility
      ▪ RESTful
      ▪ Does not Require One Truth Reference Data Modeling
  • 20. HL7 and JSON: A Future of Détente??
      ▪ Clinical Document Architecture with HL7
      ▪ Rich Data Models within Healthcare Organizations
      ▪ Data Exchange moving Towards JSON
      ▪ Data Exchange Between Organizations Based on Common Data Model Elements
      ▪ Translation Middleware
  • 21. Mini Case Study
      ▪ A SOLUTION FOR HOME HEALTHCARE AND HOSPICE AGENCIES
      ▪ TECHNOLOGIES: WINDOWS PHONE 7, VS2010 / EXPRESSION BLEND 4, WCF, SILVERLIGHT, MVVM, NINJECT, NINJA DATABASE PRO, SSL, AUTOMAPPER, STRUCTUREMAP, NUNIT, NHIBERNATE, RHINO.MOCKS, LOG4NET
  • 22. Carefully Designed UI/UX for Windows Phone 7
  • 23. Architecture - Communication
      [Diagram; labels as extracted: Web, Phone, HomecareDB, Services, WCF Mobile Services, WCF Security, Security Framework, Web service, DB]
  • 24. Architecture - Phone
      [Diagram; labels as extracted: Web Providers, Common, UI, Views (ViewModels), Facade, Domain, Local cache, Cache Manager]
  • 25. Mapping, GPS, and Office Productivity
      ▪ BING Maps and GPS for Routing From Patient to Patient
          – Track and Audit Patient Visits
          – Track and Control Mileage Expenses
          – Optimize Travel Routing
          – Submit Daily Reports Instantly. Roll Up Patient Data Instantly and Daily. Eliminate Clinician Reporting Work and Errors
  • 26. Contacts and Questions?
      ▪ US Headquarters: 12800 University Drive, Suite 250, Fort Myers, FL 33907, USA. Main Tel: 239-690-3111. Main Fax: 239-690-3116. E-mail: rhert@softserveinc.com
      ▪ Europe Headquarters: 52 V. Velykoho Str., Lviv 79053, Ukraine. Tel: +380-32-240-9090. Fax: +380-32-240-9080. E-mail: info@softserveinc.com
      Thank You!
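
Slides 4 and 5 list the identifier classes that count as PHI, and slide 19 moves data exchange toward JSON. The following added example (not part of the presentation) scans a JSON payload for those classes before it is logged or cached on a device; the regexes, field names and sample record are assumptions constructed for illustration.

```python
import json
import re

# Identifier classes from the slide 4 list that a pattern can catch.
# Simplified, US-centric regexes: an assumption of this example.
PHI_PATTERNS = {
    "email": re.compile(r"[\w.%+-]+@[\w.-]+\.[A-Za-z]{2,}"),
    "ssn": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
    "phone_or_fax": re.compile(r"\b\d{3}[-.]\d{3}[-.]\d{4}\b"),
    "ip_address": re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b"),
    "url": re.compile(r"https?://\S+", re.I),
    "full_date": re.compile(r"\b\d{4}-\d{2}-\d{2}\b"),  # a bare year is allowed
}
# Classes with no fixed shape are flagged by field name (hypothetical names).
PHI_KEYS = {"name", "mrn", "account", "serial", "license_plate"}
# "The unique code assigned by the investigator" is the one exemption.
CODED_KEYS = {"study_code"}

def walk(node, path="$", key=""):
    """Yield (json_path, nearest_key, value) for every scalar leaf."""
    if isinstance(node, dict):
        for k, v in node.items():
            yield from walk(v, f"{path}.{k}", k)
    elif isinstance(node, list):
        for i, v in enumerate(node):
            yield from walk(v, f"{path}[{i}]", key)
    else:
        yield path, key, node

def find_phi(record):
    """Return [(json_path, identifier_class)] for every suspected PHI leaf."""
    findings = []
    for path, key, value in walk(record):
        if key.lower() in CODED_KEYS:
            continue
        if key.lower() in PHI_KEYS:
            findings.append((path, "field:" + key.lower()))
        for label, rx in PHI_PATTERNS.items():
            if rx.search(str(value)):
                findings.append((path, label))
    return findings

# Constructed sample payload, not real patient data.
SAMPLE = json.loads("""{
  "study_code": "A-0042",
  "patient": {"name": "Jane Roe", "birth_year": 1961,
              "contact": ["239-555-0142", "jane.roe@example.org"]},
  "visit": {"date": "2012-09-15", "note": "Portal: https://portal.example.org/v/7",
            "device": {"serial": "WP7-88213", "ip": "10.20.30.40"}}
}""")

if __name__ == "__main__":
    for path, label in find_phi(SAMPLE):
        print(f"{path}: {label}")
```

The slide 5 cases (external, legacy and device-generated identifiers) have no fixed pattern, so each application has to add its own field names to `PHI_KEYS`.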