UC Medical Center Creates Unique BYOD Program - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

04:04 PM
Connect Directly

UC Medical Center Creates Unique BYOD Program

University of California Irvine Medical Center develops its own mobile security system to safely give Wi-Fi access to students and staff who bring their own smartphones and tablets.

11 Super Mobile Medical Apps
11 Super Mobile Medical Apps
(click image for larger view and for slideshow)
When Adam Gold, director of emerging technologies at University of California Irvine Medical Center in Orange, Calif., wanted to give clinicians "bring your own device" access to the Allscripts Mobile MD EMR system, he realized he had to address security concerns as soon as possible. That's when CIO Jim Murray, Gold, and their team decided to create their own integrated mobile security system, which combines network access control with mobile device management.

"Users bring their own device and permission themselves to get on a wireless network so we don't have to," Gold said. Users gain access to an Internet connection, but before doing anything else, he said, they need to receive service activation in the AirWatch and Bradford systems.

The medical center uses Bradford Networks as network access control, but what was key at UC Irvine, said Gold, was connecting this to the center's mobile-device management software, AirWatch. "We wanted to tie these two systems together, even though they're separate vendors," he said.

"The vision was to provision the devices, and based on the provisioning, we give them network access," he continued. Internally, Gold and his team wrote a middleware piece, which sits between the AirWatch and Bradford systems. "So when a user goes through the provisioning process, once that process is done in AirWatch, we send a message over to the Bradford system," he said.

[ What are the stumbling blocks to BYOD in healthcare settings? Read Why BYOD Doesn't Always Work In Healthcare. ]

The message communicates to Bradford that the device is provisioned and allowed on the network. Once this occurs, the device rejoins the network on the proper VLAN, or "the proper network that Bradford is going to put it on," said Gold. This VLAN, he said opens access to additional resources on the network, such as the EMR.

"As far as I know, we're the only people who have taken it this far," said Gold. "A lot of people are doing BYOD, and a lot are using AirWatch, but from the UC perspective, we're the only ones to write our own middleware piece and tie Bradford and AirWatch together, not independently."

The medical center took additional steps to notify physicians, for example, of when they are allowed access to the network. Once a physician joins the basic Internet connection, he is taken to a Safari page with a drop-down menu, asking for the user to identify himself as a student or physician. After selecting the "physician" profile, the user is prompted to input access directory credentials. "Then, the system decides, 'We're going to go ahead and provision you,'" said Gold. "That applies an AirWatch MDM [mobile device management] policy to the device."

A few main features are part of the policy, said Gold. For starters, the system forces encrypted backups of the device. "We know it's an iOS device and it already has hardware-level encryption built in, so we tell users don't worry about that," he said. The Center also enforces a policy of alerting users that they are provisioned, as well as locking the device with a pin password 15 minutes after inactivity.

Today, the Center has more than 1,000 devices provisioned on its network, and, according to Gold, very few complaints about the system. "We had to be careful developing policies," he said. "We couldn't be too strict, but we had to protect ourselves."

InformationWeek Healthcare brought together eight top IT execs to discuss BYOD, Meaningful Use, accountable care, and other contentious issues. Also in the new, all-digital CIO Roundtable issue: Why use IT systems to help cut medical costs if physicians ignore the cost of the care they provide? (Free with registration.)

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Apprentice
9/15/2012 | 11:46:18 PM
re: UC Medical Center Creates Unique BYOD Program
It's great to see when IT finds new solutions to meet a business need. Out of the box thinking like this absolutely leads to better patient care and higher physician satisfaction.
Jay Simmons
Information Week Contributor
Enterprise Guide to Digital Transformation
Cathleen Gagne, Managing Editor, InformationWeek,  8/13/2019
IT Careers: How to Get a Job as a Site Reliability Engineer
Cynthia Harvey, Freelance Journalist, InformationWeek,  7/31/2019
AI Ethics Guidelines Every CIO Should Read
Guest Commentary, Guest Commentary,  8/7/2019
White Papers
Register for InformationWeek Newsletters
State of the Cloud
State of the Cloud
Cloud has drastically changed how IT organizations consume and deploy services in the digital age. This research report will delve into public, private and hybrid cloud adoption trends, with a special focus on infrastructure as a service and its role in the enterprise. Find out the challenges organizations are experiencing, and the technologies and strategies they are using to manage and mitigate those challenges today.
Current Issue
Data Science and AI in the Fast Lane
This IT Trend Report will help you gain insight into how quickly and dramatically data science is influencing how enterprises are managed and where they will derive business success. Read the report today!
Flash Poll