This book includes a plain text version that is designed for high accessibility. To use this version please follow this link.
● Strategic Directives

and hours looking through history logs. Most importantly, we are confident that our network is secure regardless of the devices that come on our site," Roberts says.

Healthmaster: Taking it to another level When compared to Benson Hospital and its BYOD practices, Healthmaster, a provider of digital solutions for school health offi ces, is monolithic in stature. Based in Walled Lake, MI, Healthmaster is responsible for maintaining the medical

records for 100 to 125 K-12 school districts in 16 countries, encompassing more than 1,500 users possessing approxi- mately 350 diff erent device models. Steven McGovern, Director of Technology, has the

responsibility of ensuring that each end point can receive and transmit its medical records from the Healthmaster network in an effi cient and secure fashion. While BYOD may be an emerging issue in healthcare, it has been present in education for nearly two decades. “When we started, laptops were just becoming adopted in academics. Wi-Fi was just coming about, and we were really running on a desktop-by-desktop basis,” McGovern says. “As the Internet grew, we really wanted to be proactive. We knew that ‘bring your own device’ would be a growing issue because we knew that as technology miniaturized, it would start to flourish into branches that we could not even imagine at the time. While we were on the right track, we had not really en- visioned what technol- ogy would become with the smartphones, iPads, iPhones and all the other mobile devices available today.” With the continual changes in the types of users and the overall IT landscape, McGovern has had to remain vigi- lant in his search to cre- ate a secure and efficient network at Healthmas- ter. In addition to being mindful of the HIPAA compliance standards that healthcare facilities must abide, McGovern and his staff also adhere to the standards of the Family Education Rights


Privacy Act (FERPA). While FERPA governs education records in a school environment, medical records are con- sidered to be a part of a student’s education record as well. “What that really means,” says McGovern, “is that a

student’s education record cannot be dispersed or viewed or accessed by anybody who is not considered a ‘officer’ or an authorized person of the school district. On top of that, FERPA actually takes it a step further than HIPAA and it requires that we track every view, every instance, every update, every look, every delete of the student’s record. We not only have to track what was changed in a student’s re- cord, we have to track who even looked at it – who glanced at the record but did not even make a modification, who might have made a modification and so on. Our level of security has to be a step beyond encryption, and we must demonstrate an actual awareness within the application on what’s going on. So literally, with our records, we can go back and view a login into our system and we know, second by second, everything a user was doing in the app the entire time he or she was logged in.” While this level of audit was only possible due to the

development staff at Healthmaster, it took an outside ven- dor, Ericom, to provide the appropriate interface. “We built that level of audit into our own systems,” says

McGovern, “and by building it with the idea we were going to integrate BYOD platforms, Ericom allowed us to provide

Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28