Despite hospital policy restrictions, 67 percent of hospitals interviewed in a Spyglass Consulting Group study reported that staff nurses use personal smartphones for clinical communications and workflow. As a result, 88 percent of hospitals were concerned with some type of HIPAA-related security risk.
The study revealed that nurses sent patient data using smartphones, although it was much more common with doctors. Six to 14 percent of nurses sent text messages, used app-based messaging or used picture messaging to send patient-related clinical information to their colleagues.
Although smartphones can be beneficial to healthcare facilities, the risks are clear. The possibility of security breaches and compromised patient data can undermine the connectivity and safety of healthcare environments. Solutions can help minimize these threats.
Positive Aspects of Smartphone Usage
A survey of a large hospital corporation in London found that 53.2 percent of nurses considered their smartphone “very useful” or “useful” for helping with clinical duties. Two-thirds of nurses owning medical apps use them as part of their clinical practice.
According to the survey, more than 90,000 mobile health apps are available. Worldwide, 3.4 billion people own a smartphone, and half will be using mobile health apps. Most of these apps target lay users to promote healthy living or assist with disease conditions, but an increasing number of apps are designed for healthcare providers in clinical environments. Mobile health apps allow providers convenient access to health-related content to facilitate decision-making.
Smartphones can also improve communication in nursing, which some believe has been neglected. “Despite advancements in mobile devices and unified communications, hospital IT has underinvested in technologies and processes to support nurses at point of care,” said Gregg Malkary, managing director of Spyglass Consulting Group. “Nearly 42 percent of hospitals interviewed are still reliant on pagers, noisy overhead paging systems and landline phones for communications and care coordination.”
“Hospital IT has an imperative to evaluate and deploy innovative mobile technologies and unified communications solutions to support collaborative team-based care to help enhance communications, streamline productivity, improve care quality, and increase clinician satisfaction,” the Spyglass Consulting Group study concluded. Half of hospitals interviewed planned to invest in or evaluate enterprise-class smartphone solutions over the next 18 months.
Ethical Implications of Smartphone Usage
If the majority of nurses use personal smartphones for clinical communications and workflow, then nurses could be violating federal laws (specifically, HIPAA), hospital security policies and the American Nurses Association’s Code of Ethics, according to American Nurse Today.
“If they’re sending protected health information (PHI) on their smartphones in a way that can be linked to a specific patient, they’re also violating state nurse practice acts,” American Nurse Today reports. “Sending PHI could lead to loss of employment, financial fines, jail sentences, and loss of one’s nursing license.”
Working Nurse warns that the security and protection of sensitive data “takes on a whole new meaning when dealing with sensitive patient medical information. A single breach would potentially compromise thousands of patients’ data, leaving them vulnerable to a medical identity theft.” Research states the following: employee-owned devices are compromised at more than twice the rate of devices owned by corporations; 40 percent of Americans don’t have password protection on their mobile devices; and 51 percent use public Wi-Fi hotspots, which are vulnerable to data breaches.
According to a 2015 study from the Ponemon Institute, criminal attacks are the leading cause of healthcare data breaches — a first in the five years of the study’s history. Criminal attacks increased by 125 percent in the previous five years, which researchers attribute to two critical facts that cybercriminals recognize. First, healthcare organizations manage a treasure trove of financially lucrative personal information. Second, they do not have the resources, processes and technologies to prevent and detect attacks and adequately protect healthcare data.
In a separate study, the Ponemon Institute found that data breaches in healthcare are the most expensive to remediate, and the cost is rising. The study of 350 companies in 11 countries across 16 industries showed that the average cost of a healthcare breach is $363 per personally identifiable record exposed. In contrast, the average cost of a data breach across all industries is $154.
In hospitals that have a “bring your own device” policy, nurses must carefully follow the rules, even if it includes restrictions on how they use their device or whether their device can be confiscated or erased if a breach occurs. Even if the policy doesn’t outline certain best practices, nurses should be aware of and abide by these standards.
Strong passwords are a must, and multiple layers of authentication are ideal. Nurses should also install mobile security, because “your smartphone is as much a computer as your laptop or desktop at home,” Working Nurse says. Users should also exercise caution around unsecured wireless networks and unencrypted apps. Nurses should limit use to encrypted networks with passwords and firewalls. They should also be aware of the 75 percent of apps that don’t encrypt data, the 86 percent that lack basic security mechanisms and the 97 percent that contain some type of privacy issue.
Whether nurses and other healthcare professionals use their own smartphone or a provided device, hospital policies for smartphone use must be based on federal and state regulations. These rules can help healthcare providers prevent exchanging secure data on unsecure devices, apps and networks. Hospitals should also have legal and cybersecurity professionals provide accountability and review.
Enhancing Patient Safety and Care
Clinical and ethical implications of smartphone use present obstacles for nurses and other healthcare professionals. Although the devices have much to offer for the quality of patient care, precautions must be taken to ensure sensitive data remains safe and secure.
Alvernia University’s online nursing program assist students in learning how to best use smart technology to improve patient outcomes, while respecting patient privacy and confidentiality. The RN to BSN Completion Program takes place in a flexible online learning environment that allows students to maintain their work and personal schedule.