iPad security: How a hospital group treated trouble

Doctors have fallen in love with the Apple iPad, becoming one of the biggest early adopters among professionals. They want iPads for personal use and to get their work done. It's the latter that has healthcare IT staff scrambling to secure the devices.

The problem is that the iPad's consumer-driven origins come into direct conflict with the nature of healthcare—namely, patient confidentiality and reliance on a few critical client-server apps.

Can the iPad succeed in hospitals?

"We had physicians coming to us as soon as the first iPad came into the Apple Store wanting to connect everything," says John McLendon, senior vice president of Adventist Health System (AHS), a not-for-profit Protestant healthcare provider with 44 hospitals across 12 states. He is also CIO for AHS Information Services, which maintains clinical and business systems for many of the hospitals.

[ One enterprise embarks on a two-year Apple mobile makeover, reports CIO.com. | What happens when a CEO gives iPads to everyone? ]

For the past few months, McLendon has been working with tech vendors to make the iPad a viable tool in healthcare. He's had to implement a virtual desktop Citrix solution while he waits for one of his key patient-care app vendors, Cerner, to improve on its mobile offering.

Meanwhile, security and management of the iPad falls to Sharon Finney, AHS's corporate data security officer. She has been busily architecting what she calls a "sandbox" network with limited functionality and access that gets around the iPad's security shortcomings. Her assessment: The iPad can be secure enough for doctors to get much of their work done today, but the platform still has a ways to go.

Form-Factor: Hospitals Familiar with Tablets

The iPad took many hospitals by surprise, as well as their oft-conservative IT staff. "The way we do a lot of the more strategic-oriented projects here, we plan them out for a couple of years with road-mapping sessions," says McLendon. "We didn't have a plan to embrace the iPad."

McLendon couldn't prepare for the iPad as he could with enterprise-class devices. He couldn't get his hands on a pre-release iPad model in order to test and certify it in his environment. He didn't even know when the iPad would be released to the general public.

When the iPad finally hit Apple Store shelves, doctors bought them up. Consider the findings of a survey by Good Technology, a mobile device management vendor: The number of iPad activations, from September to December last year, dramatically dipped at healthcare firms. The dip is indicative of a massive early adoption.

"Healthcare moved so quickly to the iPad, there was so much pent-up demand, that there was that initial spike," says John Herrema, senior vice president of corporate strategy technology at Good Technology, "and then things leveled off."

One of the reasons for the fast adoption of iPads in healthcare is doctors' familiarity with tablets. AHS, for instance, has Panasonic Toughbooks in its hospitals. But the difference between these tablets and iPads, at least from a security standpoint, is night and day, says Finney.

iPad's Security Shortcomings

AHS has a secured network at its hospitals that allows Toughbooks and other devices to communicate across it and access full-blown apps. AHS owns and centrally manages every device that touches this network. For instance, Finney can lock down these devices, remotely take control of them, install anti-virus software, and knock them off the network in a variety of ways.

"I can take a laptop, workstation or tablet and say you can only access these five applications and that's all you can do," Finney says. "I can say you cannot store data locally because that device is not rated and secured for that functionality. I cannot do that on an iPad."

But doctors still wanted to take their iPads to work. So Finney has been building a mid-tier "sandbox" network with some security around it. The plan calls for the "sandbox" network to be established across all AHS hospitals in the first quarter of this year.

She'll be able to control who has authority to get on the "sandbox" network. By knowing what devices are on the network, she'll have an idea of traffic levels and thus can guarantee levels of service from a bandwidth and performance perspective.

"I can also target my security tools at that segment of the network, and monitor and audit it," Finney says. "If there is an incident, a problem with one of the devices, then I can reasonably identify who that device belongs to."

AHS began working with Good Technology tools last spring to manage iPads, but Finney still lacks an enterprise management console for the Apple iOS. "Some of those tools are solely based on the functionality provided by the native OS," she says. "To my knowledge, there are no standards for the base functionality that an Android and an Apple provide that I, as an enterprise security officer, can tap into and secure that device."

One iPad App Stays in the Waiting Room

For AHS doctors, the most important app that they want to access on their iPads is Cerner. The highly complex Windows app lets doctors view online digital charts with real-time patient information, input data, place orders, among other tasks. Cerner doesn't have a native iPad app, but the app developer is putting the final touches on a mobile app version, which AHS will evaluate in March.

In the meantime, McLendon is putting a Citrix virtual desktop solution on the iPad.

The problem is that the Cerner app was made to be used with a mouse and has a complicated order system that's tailored to a large screen. With the Citrix client on the 10-inch iPad screen, tapping data-entry boxes requires tiny fingers or constant two-finger expanding and pinching in order to change the image size of the boxes on the screen.

"The form-factor of the iPad doesn't match up with the way the application was designed," McLendon says. "I'd say it's still cutting-edge to use [Cerner] with Citrix."

Bottom line: iPad-toting doctors on the "sandbox" network will be able to use Cerner, but the experience won't be a good one. Nor will they have all the communication rights and access to data and application features like they would on the secured network.

"We're not there yet," McLendon says. "We have to have more confidence."

Join the Good Gear Guide newsletter!

Error: Please check your email address.

Tags Applesecurityhardware systemstablet PCslaptops

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Tom Kaneshige

Show Comments

Most Popular Reviews

Latest News Articles


PCW Evaluation Team

Azadeh Williams

HP OfficeJet Pro 8730

A smarter way to print for busy small business owners, combining speedy printing with scanning and copying, making it easier to produce high quality documents and images at a touch of a button.

Andrew Grant

HP OfficeJet Pro 8730

I've had a multifunction printer in the office going on 10 years now. It was a neat bit of kit back in the day -- print, copy, scan, fax -- when printing over WiFi felt a bit like magic. It’s seen better days though and an upgrade’s well overdue. This HP OfficeJet Pro 8730 looks like it ticks all the same boxes: print, copy, scan, and fax. (Really? Does anyone fax anything any more? I guess it's good to know the facility’s there, just in case.) Printing over WiFi is more-or- less standard these days.

Ed Dawson

HP OfficeJet Pro 8730

As a freelance writer who is always on the go, I like my technology to be both efficient and effective so I can do my job well. The HP OfficeJet Pro 8730 Inkjet Printer ticks all the boxes in terms of form factor, performance and user interface.

Michael Hargreaves

Windows 10 for Business / Dell XPS 13

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Aysha Strobbe

Windows 10 / HP Spectre x360

Ultimately, I think the Windows 10 environment is excellent for me as it caters for so many different uses. The inclusion of the Xbox app is also great for when you need some downtime too!

Mark Escubio

Windows 10 / Lenovo Yoga 910

For me, the Xbox Play Anywhere is a great new feature as it allows you to play your current Xbox games with higher resolutions and better graphics without forking out extra cash for another copy. Although available titles are still scarce, but I’m sure it will grow in time.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?