1st Edition

BYOD for Healthcare

By Jessica Keyes Copyright 2014
    454 Pages 29 B/W Illustrations
    by Auerbach Publications

    454 Pages 29 B/W Illustrations
    by Auerbach Publications

    With 70 percent of organizations already adopting bring your own device (BYOD) and Gartner expecting this number to increase to 90 percent by the end of 2014, it is not a question of if, or when, it’s a question of will you be ready.

    BYOD for Healthcare provides authoritative guidance to help you thrive during the healthcare BYOD (hBYOD) revolution. Jessica Keyes, president of New Art Technologies, Inc., professor at the University of Liverpool, and former managing director of R&D for the New York Stock Exchange, supplies an understanding of these new end users, their demands, and the strategic and tactical ramifications of these demands.

    Maintaining a focus on the healthcare industry, the book considers the broad range of technical considerations, including selection, connectivity, training, support, and security. It examines the integration of BYOD to current health IT, legal, regulatory, and ethical issues. It also covers risk assessment and mitigation strategies for an hBYOD environment that are in line with medical laws, regulations, ethics, and the HIPAA and HITECH Acts.

    The text discusses BYOD security and provides time-saving guidance on how to configure your hBYOD environment. It also considers how BYOD impacts resource management, certification of EMR/EHR software, health informatics, and health information exchange.

    The book covers content and data management, risk assessment, and performance measurement and management. It includes a set of Quick Start guides with tips for assessing costs, cloud integration, and legal issues. It also contains a robust appendix with information on everything from security settings for Apple iOS devices to a sample employee mobile device agreement.

    The BYOD Revolution Adapted to Health Information Technology
    Meaningful Use
    The Possibility of hBYOD
    What is in it for the Organization
    So What can go Wrong?
    Mobile Device Management
    Consumerization of IT
    Business as Usual

    Making a Financial Case for BYOD
    Supporting BYOD
    Cost–Benefit Analysis
    Break-Even Analysis
    Estimating ROI for an IT Project
    Earned-Value Management
    Rapid Economic Justification
    Value Measuring Methodology
    Step 1: Develop a Decision Framework
    Task 1—Identify and Define the Value Structure
    Task 2—Identify and Define Risk Structure
    Task 3—Identify and Define the Cost Structure
    Task 4—Begin Documentation
    Step 2: Alternative Analysis—Estimate Value, Costs, and Risk
    Task 1—Identify and Define Alternatives
    Task 2—Estimate Value and Cost
    Task 3—Conduct Risk Analysis
    Task 4—Ongoing Documentation
    Step 3: Pull Together the Information
    Task 1—Aggregate the Cost Estimate
    Task 2—Calculate the ROI
    Task 3—Calculate the Value Score
    Task 4—Calculate the Risk Scores
    Task 5—Compare the Value, Cost, and Risk
    Step 4: Communicate and Document
    Task 1—Communicate the Value to Customers and Stakeholders
    Task 2—Prepare Budget Justification Documents
    Task 3—Satisfy Ad Hoc Reporting Requirements
    Task 4—Use Lessons Learned to Improve Processes
    Uncertainty Analysis
    Sensitivity Analysis

    Integrating hBYOD into Performance Measurement and Management Systems
    Measuring BYOD
    Why Measure?
    Understanding Performance Management
    Attributes of Successful Performance Measurement Systems
    Developing Benchmarks
    Using Balanced Scorecard to Measure BYOD Effectiveness
    Representative IT Balanced Scorecard Value Metrics
    Keeping Track of What is going on
    Validation and Verification

    Assessment and Mitigation of Risks in an hBYOD Environment
    What is a Risk Analysis?
    Initiating the Risk Assessment
    A Typical Organization’s Computer System
    System Architecture
    System Operational Authority/Ownership Threats to a Typical Organization’s Assets
    Current Security Measures
    COG Contingency Planning
    Divisional Contingency Planning
    Protection Against Network-Related Threats
    Vulnerabilities Reported by the Risk Assessment Team
    Recommendations for Mitigating the Identified Vulnerabilities

    Guidelines for Managing and Securing Mobile Devices in the Health Organization
    HIPPA Security Rule
    Mobile Device Overview
    High-level Threats and Vulnerabilities
    Use of Untrusted Mobile Devices and Networks
    Use of Applications Created by Unknown Parties
    Interaction with Other Systems
    Use of Untrusted Content
    Use of Location Services
    Technologies for Mobile Device Management
    Components and Architectures
    Security for the Life Cycle of Enterprise Mobile Device Solution
    Operations and Maintenance

    Cloud Best Practices
    Selecting a Cloud Service
    CSP and End-User Agreements
    TOS Agreements
    Nondisclosure Agreements
    Service-Level Agreements Terms and Definitions
    Measuring SLA Performance
    SLA Enforcement Mechanisms
    CSP, Organization, and Integrator Roles and Responsibilities
    Contracting with Integrators
    Clearly Defined Roles and Responsibilities
    Continuous Monitoring
    Incident Response
    Key Escrow
    Audit Logs
    Privacy Impact Assessments
    Data Location
    Breach Response

    Configuration Management in a BYOD Environment
    CM and Process Improvement
    Measurement and Metrics
    Benefits of BYOD CM
    CM Components
    Configuration Identification
    Configuration Change Control
    Configuration Status Accounting
    Configuration Auditing
    Implementing CM in the Organization
    Manage the Risks of CM
    CM and Data Management
    Document Identification
    Data Status Level Management
    Data and Product Configuration Relationships
    Data Version Control
    Digital Data Transmittal
    Data Access Control

    Content Management for hBYOD
    Enterprise Information Management
    Content Management System
    DMS/Electronic DMS
    Records Management System
    Digital Asset Management
    Mobile Device Management and Mobile Content Management

    Integrating hBYOD into Resource Management
    Data Management Roles
    Data Management Responsibilities
    Dictionary of Data Management Terms

    BYOD Means Social Networking
    Tools that Provide Networking Capabilities
    Wikis in Action
    Meaning-Based Computing
    Semantic Web
    Virtual Worlds
    KM Tools

    Getting a Quick Start on hBYOD
    Quick Start 1: Software-Based Authentication
    Quick Start 2: BYOD— Making IT Work for Your Firm
    Quick Start 3: Software Selection from Multiple Packages
    Quick Start 4: The Make-Buy Decision
    Quick Start 5: IEEE Framework for Measures
    Quick Start 6: Common BYOD Mistakes
    Quick Start 7: BYOD Corporate Policy
    Quick Start 8: MDM Functionality Guide
    Quick Start 9: Legal Issues with BYOD
    The Fixes: How to Inoculate Your Company against Potential Legal Trouble
    Quick Start 10: Managing Online Content Checklist
    Content Management Issues
    Quick Start 11: Selecting a Content Management System Checklist
    Before You Start
    Determining Project Goals and Targets
    Determining and Documenting Business Requirements
    Producing Documentation
    Evaluating and Selecting a Content Management System
    Quick Start 12: BYOD Lessons Learned
    Each Unique
    Survey … Survey … Survey
    Each and Every Platform should be IT’s BFF
    The App Store Problem
    Virtualization: Might It Be a Temporary Savior?
    Quick Start 13: BYOD Risks
    Quick Start 14: Getting Started with BYOD
    Quick Start 15: BYOD Security Tips
    Quick Start 16: Cloud Migration Tips
    Quick Start 17: Hitching Your Network to BYOD


    Security Glossary
    Employee Mobile Device Agreement
    Mobile Device Security Checklist
    Security Configuration Recommendations for Apple iOS 5 Devices
    Traditional IT Metrics Reference
    Cloud Procurement Questions
    Computer Use Policy
    Benchmarking Data Collection Methods
    Wireless Device Agreement
    Mobile Device Management Vendors
    Best Practices Security Checklist 
    Health Information Technology Glossary
    Security Rule



    Jessica Keyes is president of New Art Technologies, Inc., a high technology and management consultancy and development firm started in New York in 1989. Keyes has given seminars for such prestigious universities as Carnegie Mellon, Boston University, University of Illinois, James Madison University, and San Francisco State University. She is a frequent keynote speaker on the topics of competitive strategy and productivity and quality.

    She is former advisor for DataPro, McGraw-Hill’s computer research arm, as well as a member of the Sprint Business Council. Keyes is also a founding Board of Director member of the New York Software Industry Association. She completed a 2-year term on the Mayor of New York City’s Small Business Advisory Council. She currently facilitates doctoral and other courses for the University of Phoenix and is a member of the Faculty Council for the College of Information Systems and Technology. She has been the editor for WG&L’s Handbook of eBusiness and CRC Press’ Systems Development Management and Information Management.

    Prior to founding New Art, Keyes was managing director of R&D for the New York Stock Exchange and has been an officer with Swiss Bank Co. and Banker’s Trust, both in New York City. She holds a master of business administration from New York University and a doctorate in management.

    A noted columnist and correspondent with over 200 articles published, Keyes is the author of the following books:

    The New Intelligence: AI in Financial Services, Harper Business, 1990
    The Handbook of Expert Systems in Manufacturing, McGraw-Hill, 1991
    Infotrends: The Competitive Use of Information, McGraw-Hill, 1992
    The Software Engineering Productivity Handbook, McGraw-Hill, 1993
    The Handbook of Multimedia, McGraw-Hill, 1994
    The Productivity Paradox, McGraw-Hill, 1994
    Technology Trendlines, Van Nostrand Reinhold, 1995
    How to Be a Successful Internet Consultant, McGraw-Hill, 1997
    Webcasting, McGraw-Hill, 1997
    Datacasting, McGraw-Hill, 1997
    The Handbook of Technology in Financial Services, Auerbach, 1998
    The Handbook of Internet Management, Auerbach, 1999
    The Handbook of eBusiness, Warren, Gorham, and Lamont, 2000
    The Ultimate Internet Sourcebook, Amacom, 2001
    How to Be a successful Internet consultant, 2nd Ed, Amacom, 2002
    Software Engineering Handbook, Auerbach, 2002
    Real World Configuration Management, Auerbach, 2003
    Balanced Scorecard, Auerbach, 2005
    Knowledge Management, Business Intelligence, and Content Management: The IT Practitioner’s Guide, Auerbach, 2006
    X Internet: The Executable and Extendable Internet, Auerbach, 2007
    Leading IT Projects: The IT Manager’s Guide, Auerbach, 2008
    Marketing IT Products and Services, Auerbach, 2009
    Implementing the Project Management Balanced Scorecard, Auerbach,2010
    Social Software Engineering: Development and Collaboration with Social Networking, Auerbach, 2011
    Enterprise 2.0: Social Networking Tools to Transform Your Organization, Auerbach, 2012