In 2018, the reformed General Data Protection Regulation (GDPR) will be applicable (http://ec.europa.eu/justice/data-protection/reform/index_en.htm). Recently, an article in ComputerWeekly summarized how these rules will affect everyone: ‘The new compliance journey will require entities to map and classify all their personal data; perform risk assessments; design privacy protections into all new business operations and practices; employ dedicated data protection officers; monitor and audit compliance; and document everything they do with data and everything they do to achieve legal compliance.’ ‘A key element of the GDPR is that it not only gives rise to increased compliance requirements, but these are backed by heavy financial penalties, which in the final text turned out to be up to €20m or 4% of annual worldwide turnover for groups of companies, whichever is greater.’ (http://www.computerweekly.com/news/4500270456/EU-data-protection-rules-affect-everyone-say-legal-experts )
Whereas all companies and instances in the European Union will be affected by these rules, they will definitely have a significant impact on healthcare and patient data. On one hand, doctors and nurses require easy and fast access to patient data on any device, including mobile devices, to be able to work fast and efficiently. On the other hand, this data must be treated with the highest confidentiality at all times.
Healthcare organizations need to simplify clinical workflows enabling fast and secure access to patient information. The proliferation of mobile devices is offering new opportunities in care delivery models, mobilizing clinicians both within and outside of the hospital. Picture this: a doctor or nurse walking from one patient to the other, can easily access the next patient’s file on a shared clinical workstation that is located closest to the patients room. He just taps his ID-card to the workstation to identify himself and is automatically logged-on. His ‘desktop with all the patient’s data’ is literally following him around in the hospital, and available immediately whenever he needs access to it. When returning home after work, this doctor can also connect to real-time clinical data from home, with his tablet or smartphone, or share patient data with other clinicians. Underpinning this ease of access is a mandated need for security with failures incurring steep fines. By using VMware technology, in combination with the services of a specialized partner, this can be achieved.
VMware Workspace ONE unifies user, desktop and mobile management to enable a Digital Clinical Workspace that moves with care providers throughout their day. From the out of hours emergency calls to the bedside consults, the Digital Clinical Workspace enables secure simple access to patient information from the right device for the right task at the right time. With this technology, you can make life easy for the clinicians (easy access to their applications and patient data, from the device and location of their choice), whilst making sure that data protection is guaranteed (define who can access what, with which device, from what location, and who cannot; but also define who has the rights to edit information and share it with others, and who doesn’t). This blog also contains a short video, introducing the Digital Clinical Workspace: http://blogs.vmware.com/healthcare/2016/02/introducing-the-digital-clinical-workspace.html
Partners specialized in the healthcare market have an important role to play to facilitate this.
Let us have a closer look at Raido and SecureLink who are active players in the healthcare market. Wim Van Balen (Sales manager specialized sales) explains why they focus on this particular segment: “The healthcare sector has complex IT challenges. They need flexibility on one side and security and high availability on the other. All data has to be available at all times and in all places in a secure way. VMware’s End User Computing technologies provide the solution to this complexity. It makes it possible to work from different locations e.g. from home, from a different campus, from the operation room… while keeping the data secure centrally in the datacenter. There is a lot of sensitive information (e.g. patient data) that cannot be available to everyone, therefore security is important on every level. That is where SecureLink comes into the picture. SecureLink is a specialist in securing networks and data infrastructure. Together with Raido, we can offer complete end-to-end solutions that cover all the customers’ needs. Our expertise has already been rewarded multiple times through many certifications.”
Currently, Raido is working on a project at the Koningin Elisabeth Institute (KEI), a rehabilitation hospital in West-Flanders, Belgium. At KEI, two people, including Stefaan Dewulf, are responsible for the entire ICT. To give you an idea of their situation: each desktop/laptop was a separate entity and everything needed to be installed and maintained manually on each device. That was of course very time consuming. To avoid the cost of additional staff, the KEI chose to virtualize their IT environment. Through VDI, everything can be managed from one location. As a result, Stefaan will be able to work more efficiently and he can focus on the most important issues. To accomplish this VDI environment, Raido is using the end-user computing package of VMware that includes VMware Horizon, VMware UEM and VMware App Volumes. To help protect the VDI environment in an adequate way, it is important to have a security that is low in operational maintenance, doesn’t jeopardize the server performance and of course is efficient enough to mitigate the risk of malware attacks. Since the VDI environment was a Greenfield opportunity, Stefaan Dewulf looked for a more innovative solution than traditional malware vendors and chose NSX for its micro-segmentation functionalities and security automation. Having each virtual machine (VM) separated and firewalled within the hypervisor, will not only give Stefaan Dewulf peace of mind, but the automation process will also relieve him of manually adding AV-clients to every VM that will be added in the future. NSX will take care of his security so he doesn’t have to.
Raido and SecureLink are very committed to the healthcare market. That is why they will attend the HIMSS / World of Health IT exhibition in Barcelona together with c-levels from the IT and Healthcare sector. That event takes place in November 2016. Raido and SecureLink offer a customized program that is adapted to the Belgian delegation.
As you can see, VMware technologies and specialized partners can help hospitals address the challenges imposed by the General Data Protection Regulation (GDPR). Additionally, they will contribute to more flexible ways of working, whilst guaranteeing the highest levels of security.
By Tom Vallons, Partner Development Specialist EUC