Home » News » Military Health | Mobile/ Wireless | Population Health | Privacy and Security
Receive News
By Email

  • del.icio.us
  • Digg
  • Facebook
  • Google
  • Reddit
  • StumbleUpon
  • RSS Icon
  

VA expects to award MDM tool by Sept. 30

September 27, 2012 | Mary Mosquera

Related Resources

The Veterans Affairs Department expects to formally award by Sept. 30 a contract for mobile device manager software, which will enable VA to ultimately support up to 100,000 devices and allow employees and clinicians to use their own devices.

The “bring your own device” (BYOD) policy, however, will set limitations on personal devices for data security to protect veterans information, according to Roger Baker, VA CIO.

For example, thousands of medical students practice annually at VA hospitals, and with the MDM, they will be able to use their own mobile devices if they agree to certain restrictions.

[mHIMSS Editor Eric Wicklund explains the industry's lax attitude toward BYOD security.]

Baker anticipates that the mobile device management (MDM) vendor will be publicly announced next week. VA is slated to select the vendor by the end of federal fiscal 2012, which is Sept. 30.

VA has already awarded $500 million in IT contracts in September in order to get in under the fiscal year-end deadline, he said during a Sept. 26 briefing with reporters. VA external spending for IT in 2012 is between $2.3 billion to $2.5 billion.

The MDM software will be more robust than the mobile manager now in place and will be used across the VA enterprise. Over time, VA expects the MDM to support up to 100,000 bought or brought devices, which could be Apple iPhones and iPads and other smart phones as they are introduced to the department, in addition to the currently managed Blackberries.

Once the MDM is awarded, VA will consider an internal apps store, Baker said.

It’s not clear how many mobile devices that VA will buy, and when it does, the mobile devices will not be just one particular brand.

“We will look at the business case for productivity and savings from having mobile devices,” he said, adding that “buying the devices has to be driven by the business requirement.” The services behind the device, including the MDM, the systems, and the network are specified and supported by the IT organization.

VA businesses will decide how to use such devices and whether that is best done from a BYOD or government purchased machine.

“Our major role where the device is concerned is specifying and enforcing information security for the device and the apps. From there, the type of device is so varied that we view it as a business device, not an IT device,” Baker said.

[See also: How Kerry's MITECH Act addresses integrated care centers.]

VA employees can already use their own mobile machines to view data through the department’s access gateways. But to get inside the network to download and store the information with a BYOD device will require policies set by VA IT.

With the MDM in place, VA will verify that the BYOD is not running software that could compromise security. Baker described some of the limitations on BYOD, including that employees will need to:

• Acknowledge if their device has been “jail broken”, and if so they will be denied access to the network

• Acknowledge that because the device may at some point have VA information on it, VA may wipe the device clean if it is determined the information is at risk

• Sign up for rules of behavior when using such devices if they plan to store VA data

• Agree that the device, if it will be used to store data, can be brought under VA controls to verify that there is no VA information on it or look at what was done with that data

The ability to wipe the device clean if there is VA information stored on it that is at risk will be a key issue.

“They may have their iTunes store and the apps they’ve bought on it, so they would be able to reload it, but it will be inconvenient if we have to wipe it to protect VA information,” Baker said.

“There are a variety of things that 95 percent of population will say 'that doesn’t bother me at all,' and 5 percent will say, 'no, you’re not going to do that with my device,'” Baker said, adding that it will be critical that “there is clear communication of expectations between VA and the individual relative to what’s going to happen.”

Related Military Health IT coverage:

Health IT helps fight the war at home

EMR policies get a refresh in Afghanistan

VA, SAMHSA test exchange of tagged substance abuse data

ONC advancing Blue Button, CDS standards efforts

VA, HHS team up on telehealth

Bipartisan VETS Act would allow care delivery across state lines

Q&A: 3M president Lindekugel on how Open HDD and VA, DoD iEHR will trigger innovation

VA looks to revolutionize veteran care with SCAN-ECHO
 

Related Topics:

Reader Comments (0)Login to Post a Comment