Reducing BYOD Risks in HealthcareIBM Exec Discusses Potential Impact of Alliance with Apple
"Bring your own device has been an issue within healthcare, and what has been a challenge for CIOs is that they've had to say, 'No we don't want those devices because we cannot build them to be HIPAA-compliant and be able to ensure no breach,'" Pelino says in an interview with Information Security Media Group.
IBM's partnership with Apple aims, in part, to tackle mobile device security concerns, Pelino says (see IBM/Apple Alliance: Healthcare Impact). "This gives us hope that we can address that through a seamless integration between the device and the infrastructure at the enterprise," he says. The combination of Apple's upcoming iOS 8 platform and IBM's MobileFirst solutions, which will include security and mobile device management software, will help, he says. Additionally, IBM will work with enterprises under AppleCare service plans to ensure that devices are secure and working appropriately, he says.
Apple and IBM on July 15 announced a deal in which IBM will sell Apple iPhone smart phones and iPad tablet computers loaded with IBM apps for several sectors, including healthcare.
The Department of Health and Human Services' "wall of shame" website of HIPAA breaches affecting 500 or more individuals shows that the leading culprit of major health data breaches has been the theft and loss of unencrypted devices and storage media.
While individuals might attempt to break into a lost or stolen password-protected Apple mobile device, Pelino says, "what we will do on the back-end with MobileFirst is ensure the firewalls are created so that they cannot penetrate into the enterprise."
In the interview, Pelino also discusses:
- Emerging consumer apps for Apple mobile devices that could allow, for instance, patients to capture and securely upload their own ultrasound images using an iPhone for diagnosis by a remote physician;
- How collaboration between IBM, Apple and electronic health records vendor Epic aims to enable patients to securely access their health data via a patient portal using iOS 8 mobile devices;
- IBM's HIPAA compliance plans for cloud services that will be offered for iOS8 healthcare solutions.
As general manager of IBM's public sector business, Pelino leads IBM's business with government, educational institutions, public and private healthcare providers and payers, biotech and pharmaceutical companies, medical device and instrument companies, as well as consumer organizations worldwide. Pelino, who joined IBM in 1980, is also on the executive committee for the Patient Centered Primary Care Collaborative and on the board of directors of the Healthcare Executive Network.