04:04 PM
Connect Directly
DDoS Attacks & Their Threats to Your Business
May 10, 2016
Who better to brief you on the latest in DDoS attacks and prevention than the ones working on the ...Read More>>

UC Medical Center Creates Unique BYOD Program

University of California Irvine Medical Center develops its own mobile security system to safely give Wi-Fi access to students and staff who bring their own smartphones and tablets.

11 Super Mobile Medical Apps
11 Super Mobile Medical Apps
(click image for larger view and for slideshow)
When Adam Gold, director of emerging technologies at University of California Irvine Medical Center in Orange, Calif., wanted to give clinicians "bring your own device" access to the Allscripts Mobile MD EMR system, he realized he had to address security concerns as soon as possible. That's when CIO Jim Murray, Gold, and their team decided to create their own integrated mobile security system, which combines network access control with mobile device management.

"Users bring their own device and permission themselves to get on a wireless network so we don't have to," Gold said. Users gain access to an Internet connection, but before doing anything else, he said, they need to receive service activation in the AirWatch and Bradford systems.

The medical center uses Bradford Networks as network access control, but what was key at UC Irvine, said Gold, was connecting this to the center's mobile-device management software, AirWatch. "We wanted to tie these two systems together, even though they're separate vendors," he said.

"The vision was to provision the devices, and based on the provisioning, we give them network access," he continued. Internally, Gold and his team wrote a middleware piece, which sits between the AirWatch and Bradford systems. "So when a user goes through the provisioning process, once that process is done in AirWatch, we send a message over to the Bradford system," he said.

[ What are the stumbling blocks to BYOD in healthcare settings? Read Why BYOD Doesn't Always Work In Healthcare. ]

The message communicates to Bradford that the device is provisioned and allowed on the network. Once this occurs, the device rejoins the network on the proper VLAN, or "the proper network that Bradford is going to put it on," said Gold. This VLAN, he said opens access to additional resources on the network, such as the EMR.

"As far as I know, we're the only people who have taken it this far," said Gold. "A lot of people are doing BYOD, and a lot are using AirWatch, but from the UC perspective, we're the only ones to write our own middleware piece and tie Bradford and AirWatch together, not independently."

The medical center took additional steps to notify physicians, for example, of when they are allowed access to the network. Once a physician joins the basic Internet connection, he is taken to a Safari page with a drop-down menu, asking for the user to identify himself as a student or physician. After selecting the "physician" profile, the user is prompted to input access directory credentials. "Then, the system decides, 'We're going to go ahead and provision you,'" said Gold. "That applies an AirWatch MDM [mobile device management] policy to the device."

A few main features are part of the policy, said Gold. For starters, the system forces encrypted backups of the device. "We know it's an iOS device and it already has hardware-level encryption built in, so we tell users don't worry about that," he said. The Center also enforces a policy of alerting users that they are provisioned, as well as locking the device with a pin password 15 minutes after inactivity.

Today, the Center has more than 1,000 devices provisioned on its network, and, according to Gold, very few complaints about the system. "We had to be careful developing policies," he said. "We couldn't be too strict, but we had to protect ourselves."

InformationWeek Healthcare brought together eight top IT execs to discuss BYOD, Meaningful Use, accountable care, and other contentious issues. Also in the new, all-digital CIO Roundtable issue: Why use IT systems to help cut medical costs if physicians ignore the cost of the care they provide? (Free with registration.)

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Apprentice
9/15/2012 | 11:46:18 PM
re: UC Medical Center Creates Unique BYOD Program
It's great to see when IT finds new solutions to meet a business need. Out of the box thinking like this absolutely leads to better patient care and higher physician satisfaction.
Jay Simmons
Information Week Contributor
InformationWeek Elite 100
InformationWeek Elite 100
Our data shows these innovators using digital technology in two key areas: providing better products and cutting costs. Almost half of them expect to introduce a new IT-led product this year, and 46% are using technology to make business processes more efficient.
Register for InformationWeek Newsletters
White Papers
Current Issue
2016 InformationWeek Elite 100
Our 28th annual ranking of the leading US users of business technology.
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on for the week of April 24, 2016. We'll be talking with the editors and correspondents who brought you the top stories of the week!
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.