Reducing Shadow IT in healthcare by embracing “good enough for HIPAA” business-friendly SaaS tools

Transcript

1. Reducing Shadow IT by embracing
   “good enough for HIPAA” business-
   friendly SaaS tools
   Box.com Healthcare Webinar
   Shahid N. Shah, CEO
   

   View Slide

2. NETSPECTIVE
   www.netspective.com 2
   Who is Shahid?
   • 20+ years of software engineering and multi-
   site healthcare system deployment
   experience
   • 12+ years of healthcare IT and medical
   devices experience (blog at
   http://healthcareguy.com)
   • 15+ years of technology management
   experience (government, non-profit,
   commercial)
   • 10+ years as architect, engineer, and
   implementation manager on various EMR
   and EHR initiatives (commercial and non-
   profit)
   Author of Chapter 13, “You’re
   the CIO of your Own Office”
   

   View Slide

3. NETSPECTIVE
   www.netspective.com 3
   Clinical tech users are resourceful
   Clinical professionals that
   are counted on to save
   lives do not always wait
   around for solutions, they
   create them.
   

   View Slide

4. NETSPECTIVE
   www.netspective.com 4
   Shadow IT is prevalent & growing
   • When they only had
   access to MS Office,
   “Shadow EHRs” were
   created using Word,
   Excel, and Access.
   • In the cloud era, they
   pick consumer-grade
   and least-secure options
   when you don’t give
   them reasonably secure
   options instead.
   

   View Slide

5. NETSPECTIVE
   www.netspective.com 5
   What does HIPAA compliance mean?
   The rules:
   – http://www.hhs.gov/ocr/privacy/hipaa/administrative
   /omnibus/
   Read the rules, don’t take anyone else’s informal
   legal opinion (these are federal regulations).
   

   View Slide

6. NETSPECTIVE
   www.netspective.com 6
   Most important HIPAA considerations
   Participants
   (Specific)
   • Covered
   Entities [CE]
   (plans,
   providers,
   clearinghouses)
   • Business
   Associates [BA]
   (needs data to
   help a CE)
   Safeguards
   (Guidance)
   • Administrative
   • Physical
   • Technical get a business
   associate agreement
   (BAA)
   

   View Slide

7. NETSPECTIVE
   www.netspective.com 7
   Most important cloud considerations
   • Business-grade
   functionality
   • Consumer-grade ease of
   use
   • Auditable with easy to
   use notifications (reduce
   permissions requirement)
   • Workflow-independent
   • Platform-independent
   • Device-independent
   

   View Slide

8. NETSPECTIVE
   www.netspective.com 8
   Healthcare Industry Fallacies
   • Healthcare folks are neither technically challenged nor
   simple techno-phobes (they’re busy saving lives)
   • Most technology product decisions are no longer made
   by the CIOs
   • Complex, full-featured, products are not better than
   stand alone tools that have the capability of
   interoperating with other solutions
   • Hospitals will not buy unless one proves value.
   

   View Slide

9. Thank You
   Visit
   http://www.netspective.com
   http://www.healthcareguy.com
   E-mail [email protected]
   Follow @ShahidNShah
   Call 202-713-5409
   

   View Slide