The health care industry is one of the most difficult -- but potentially fertile -- enterprise segments, in terms of developing and deploying mobile and wireless solutions. Why? Because while there's an obvious benefit to doctors and other medical professionals being able to immediately access patient data, the challenges of designing and deploying wireless systems within a hospital setting are enormous.
Normal IT networking issues such as wireless roaming, user and group policy management, and security are even more critical when patient confidentiality and government rules and restrictions are thrown into the mix. Then there are the unique information needs spread throughout a health care facility, or across a campus-wide environment, that specifically target workers in emergency rooms, registration areas, and at patients' bedsides. Typically, a wireless system within a hospital will consist of multiple networks and sub-networks, with a wide range of client users including doctors and nurses to pharmaceutical sales people and volunteers. In essence, it's not just a question of patient record confidentiality, but also an organized jumble of who gets to see what at any given time in a hospital's day.
Despite the potential for chaos, wireless LANs deployed within health care applications are forecast to deliver productivity levels that exceed $12 billion by the year 2006, according to one well-known consulting organization. And this is a prescription
What are some of these demands? Naturally, one of the most obvious is security, since all health care organizations have to comply with the U.S. government, and the Health Insurance Portability and Accountability Act (HIPAA), which was enacted in 1996 and carved in legislative granite about a year ago (meaning that health care professionals have no choice but to knuckle under to these rules).
"Security has been a huge kind of motivator for hospitals and health care organizations looking at how to fortify their network environment and make it HIPAA compliant," says Rohit Mehra, director of product marketing for Bluesocket, Inc., a wireless solutions provider with an enviable track record in hospital deployments. Unfortunately, he points out, HIPAA does not dictate technology, and was in fact enacted long before wireless was an option and most hospitals were strictly hard-wired. This has created somewhat of a technology chasm for many solutions providers, and even larger networking companies like Cisco Systems, since security must be layered on top of existing systems and has the potentially to create a patchwork of sorts if it is not done right.
We talked to Mr. Mehra earlier this year about some of the issues that are critical to health care professionals considering or presently involved in wireless. We also asked what challenges vendors in this field might be facing, especially as 802.11 systems get a little more secure and we move toward the introduction of an even stronger version (802.11i) sometime later this year. The following are some points from that discussion:
- The health care market is changing rapidly as doctors, nurses and administrators, who were previously focused on the communications aspects of wireless, now spend more time thinking about how wireless might affect the design and their interaction with the actual medical systems. This concern will escalate as a wider range of medical technology makes use of embedded wireless solutions, and the wireless landscape expands to encompass more physical assets within an organization.
- Most hospitals already employ fairly sophisticated and secure wired systems, and basically take a secure VPN (virtual private network) approach to both wired and wireless network security. The thinking is, says Mehtra, that at the end of the day you are coming back into that safe and comfy wired world, so you really don't need incredibly strong safeguards at the edge of the network. The reality, of course, is that you not only have to be secure at these edge wireless access points (APs), but you also need some effective centralized control and management to keep an eye on everything happening within that network.
- Doctors love the idea of having instant and wireless access to patient information, and will warmly welcome the latest tablet PCs and handhelds, if the traffic surrounding the Palm booth at most health care IT gatherings is any indication. But, these same people who spent years in medical school and can navigate their way around a circulatory system as easily as most of us find our way to the sports section of the local paper each morning, are really not very tech-heavy when it comes to wireless infrastructures. In fact, health care professionals may be the most demanding when it comes to user experience and ease of use, since they are by their very nature medical technology snobs -- which is good since I'd rather have a medical-savvy surgeon at the helm than someone who knows more familiar with wireless protocols than the latest surgical techniques!
- Health care professionals are increasingly aware of the trade-offs associated with proprietary versus non-proprietary wireless systems, especially since non-proprietary systems reduce problems associated with interoperability and ease of use. For example, says Mehra, Microsoft's version of IPSec is not an easy implementation, even though it is designed to be a generic client. And Cisco's security approach is definitely proprietary and may lock you out from implementing other solutions.
We think Bluesocket's Mehra said it best when he states that from a practicality standpoint, administrators and system developers should worry about how doctors will use a wireless system it without agonizing about all the infrastructure problems.
Tim Scannell is the president and chief analyst with Shoreline Research, a Quincy, Mass.-based consulting company specializing in mobile and wireless technology and initiatives. Shoreline works with end users, looking to implement mobile solutions, and vendors, developing new products and seeking business and customer opportunities. The company also specializes in training and strategic planning projects. For more information on Shoreline Research and the company's strategic services please go to http://www.shorelineresearch.com.
This was first published in March 2004