With sweeping health reform came a laundry list of technology promising to save time, better the environment, and improve patient care. And as more of it is implemented, we learn what works best and what ... doesn't.
From unproven mobile platforms to legacy EHRs, some healthcare IT should just be avoided. Shahid Shah, enterprise software analyst and founder of the blog The Healthcare IT Guy, follows his list of five technologies every hospital should be using with five healthcare IT practices to avoid at all costs.
1. Marrying yourself to a mobile platform.According to Shah, the mobile market is young, and making commitments to mobile app platforms such as iOS or Android is still a bad idea. "Focus on device-independent protocols, like HTML5 and JavaScript," he said. "The war between Apple, Microsoft and Google is nowhere near being resolved, and you don't want to get caught on the wrong side." Shah continued by saying a platform that seems strong today could end up being weak tomorrow and quickly become legacy technology. "HTML5 isn't going anywhere and will be the ultimate winner of the next 15 years, just like HTML4 is the winner from 1995 to now."
2. Medical devices that don't talk to existing enterprise systems. "Don't buy any medical devices from vendors that don't have a deep and thorough medical-device-to-healthcare-IT-enterprise connectivity strategy," said Shah. According to him, if a device doesn't have wired or wireless TCP/IP access, data export, or HL7 connectivity, it's not worth the money.
3.Application development anchored in legacy systems. Write applications with proper HL7 connectivity and platform independence, said Shah. “Don't write applications on top of legacy EHR platforms. Most EHR platforms are using technologies that are either ancient or need to be replaced. By integrating deeply but remaining independent of their technologies, you'll get the best of both worlds."
4. Multiple wireless networks for medical devices.According to Shah, you shouldn't create separate physical wireless networks for your wireless medical devices. "Many people end up using WMTS or other specific networks and separate protocols for their devices because they think standard WiFi protocols won't work," he said. "WiFi has been unreliable in the past (given some specific configurations), but these days, you can set up reliable enough systems without requiring special networks." VLANs are a good idea, he added, but a separate network isn't necessary.
5. HIPAA-centric IT security development.Don’t focus on HIPAA for your security requirements. In fact, Shah wrote on his blog that you should forget about HIPAA at first, and instead focus on establishing good security practices and policies while following recommended NIST guidance. After taking those steps, return to HIPAA guidelines and tie them in, to ensure you aren't missing anything from the privacy side.
"Also, don't worry about finding 'HIPAA auditors' initially," Shah wrote. "Instead, focus on finding white hat hackers that can help you with penetration testing and hack attempts to truly focus on your threats and not on perceived HIPAA threats. Once you get beyond HIPAA as a security goal you'll end up with much better security and then you can tie HIPAA into your privacy policies to make sure you're not missing any major regulations.
