If your home care agency or hospice is like most, you have already deployed or are seriously considering investing in mobile computers for your clinical staff. In this environment, the tools you have to manage office PCs cannot keep up. It is time to learn from the big boys. What do large corporate IT departments do?
Most of them face a PC lifecycle management (PCLM) environment that struggles to incorporate the needs of mobile workers who range much farther than the most distant patient home. They handle telecommuters whom they never see and international sales teams whom they know of by reputation only. Their day-to-day PCLM effort encompasses financial inefficiencies, compliance risks and security consequences that can result in challenges like yours but on a grander scale.
They have learned:
- Inventorying tools are dependent on a connection to the corporate network
- Manual data collection processes are inconsistent
- Inventory collection agents are often tampered with by your own employees
- Data collection methods are fragmented and dispersed
To do their job more effectively and report improvements to management in an easily understood way, do what they do. Adopt a PCLM approach that reflects the realities of mobile computing in home care:
- Use tools that track assets via the internet, independent of network connection type
- Automate data collection to automatically collect ‘who, what, where’ information
- Use firmware-embedded inventorying agents to avoid tampering
- Centralize data views via an online interface or online portal with plug-ins
- Utilize software-as-a-service solutions for scalability and cost-efficiency
Putting such a plan in place will help achieve increased auditing accuracy, improved compliance, enhanced security and substantial cost savings. In times like these, saving money, doing more with less and protecting your agency’s reputation can make heroes of the agency IT staff.
Here are some further insights based on research by one of the technology world’s leading mobile security firms, Absolute Software. Admittedly, they have an ax to grind and a product to sell. Nevertheless, the white paper from which this plan is devised offers sound recommendations.
PC Lifecycle Management
PCLM enables efficient and cost-effective management of computing assets – including hardware and software – throughout their lifecycle. Sound PCLM programs are invaluable to technology planning and procurement and, when effectively implemented, improve productivity, enhance performance and maximize cost efficiency.
At its foundation, PCLM requires accurate inventory of all of your agency’s computing assets. In an agency where point-of-care has been deployed, this becomes more difficult to accomplish. Clinicians’ devices rarely appear within the office. Still, your accurate inventory requires full visibility not only into devices connected by wires but also to the mobile machines beyond your physical control.
Limitations of inventory tools
The most common PCLM tools rely on a discovery agent to supply inventory data. If a device is not connected when the inventory is run, data will not be captured and reported. Policies intended to encourage network connection at scheduled times are difficult to enforce.
A recent survey of 156 IT professionals by Info-Tech Research Group found that, at any given time, they are able to track 68% of their assets. Thus, 90% of survey respondents concur that off-network tracking capabilities are essential but only 34% expressed satisfaction with their vendor’s ability to track off-network devices.1
Limitations of employee-controlled data collection
To bridge the gaps left open by inventory tools, some IT managers decide to use some kind of manual process. This allocates responsibility to individual employees, who, among other tasks, must supervise machine movement, detect missing or misplaced assets, monitor upgrades and installments, and regularly record and report asset status.
Imagine for a moment the reaction of overworked nurses asked to perform IT tasks. Time intensive and inefficient, manual solutions are prone to the inaccuracies and inconsistencies characteristic of human input. Even the willing manual recorder will commit common mistakes. A busy clinician can delay the documentation process while a negligent one can forgo it all together.
Issues with consistent documentation are compounded by mobile computers’ tendency to switch hands from time to time, changes that manual records can be slow to reflect. A majority of Info-Tech survey respondents, 79%, said that inconsistent manual processes prevented them from achieving optimum auditing accuracy. 46% found it challenging to manage software patches and updates.
Some beleaguered CIOs resort to the shotgun approach, deploying multiple inventory system in the hopes that aggregated data will equate to complete data. Tools include:
- enterprise asset management systems (85% of survey respondents)
- automated discovery system (54%)
- barcode scanner (51%)
- maintain a log book (48%)
- radio frequency identification (37%)
Multiple costs of inaccuracy
With an inaccurate account of inventory comes an inability to effectively plan for procurement, upgrades, migration and retirement. Poor visibility makes it difficult to identify and perform proactive maintenance tasks, compromising machines’ optimal life span. This translates into high replacement costs, ineffective allocation, inefficient purchasing and ultimately, unnecessary expense.
Mobile computers also increase the incidence of loss and theft. Consider that factors such as lost productivity, replacement and data breach costs mean a missing device runs an organization $49,246 on average.2 Add to that the fact that 92% of IT security practitioners who participated in a recent Ponemon Institute survey stated that someone in their organization has had a laptop lost or stolen, with 71% adding that this loss resulted in breached data.3
Unmonitored use also allows for unauthorized activities to go undetected, posing risk to both the individual machine and the entire fleet should the device introduce hazardous items to the network.With such severe consequences of poor mobile management, you may be tempted to run for cover but implementing a cost-effective, preventive solution is the IT department’s opportunity to shine.
Key PCLM elements in a mobile environment
There are technologies that can track devices on or off the network. This may be where Absolute Software’s white paper becomes self-promotional but resist letting that turn you off. It is a decent solution but you can always shop for their competitors.
The recommended systems collect asset information via an Internet connection whenever a remote machine connects, not only at designated times scheduled by IT staff. Some incorporate geo-location tracking: using GPS or WiFi to pinpoint machine location on a digital map — or geo-fencing: defining device boundaries which trigger alerts should a device cross them. These additional features help identify suspicious circumstances, more easily determine if a computer is lost or stolen and more quickly locate machines for basic maintenance tasks. The better ones extend their reach to PDAs and smart phones as well.
To prevent employee tampering with software tracking applications, acquire one with a firmware-embedded agent. Asset tracking agents that are embedded in PC firmware, usually the BIOS, at the point of manufacture are the most tamper-resistant solutions available. Such software is highly resistant to unintentional or deliberate meddling as an embedded agent can continue to report asset information even if an OS is re-imaged, or the hard drive reformatted or replaced. Regardless of whether a device is within your physical control, tampering can be prevented and uninterrupted asset reporting ensured.
Other recommendations include:
- Automate asset data collection as much as possible, avoiding manual processes that rely on employee diligence, technical expertise and consistency.
- Centralize inventory data with an online interface. Aggregate fragmented data into one, easily managed location.
- Utilize SaaS to minimize infrastructure and maintenance costs, for all the same reasons you do your banking online: simple to implement and scalable as your needs change.
Benefits of PCLM best practices
Improved planning: Systems that inventory assets regardless of their physical location and that do so automatically without end-user reliance can consistently achieve over 99% accurate inventory data. This is the data you want to use to forecast your refresh cycle. Accurate inventories:
- educate purchasing
- allow for allocation on basis of use
- help identify necessary refreshes, updates and retirement
- streamline procurement
- allow you to proactively plan for upgrades
- identify and execute preventative maintenance tasks
- avoid unnecessary disrepair, waste and excess costs
- eliminate over-purchasing
- realize the optimal life span of each and every computer.
Build your reporting system around a resource-light SaaS system and you accomplish all these things with a minimal cash outlay.
Regulatory compliance: Systems with off-network tracking capabilities let you better collect, store and manage data needed for corporate and regulatory compliance. Automated inventory systems help ensure data is consistent, accurate, up-to-date and easily accessible at all times – key to fulfilling audit requests and proving compliance measures.
Proactive security: Is your job secure no matter what results you produce? Few are. The fastest route to a pink slip is allowing a preventable HIPAA breach. If you have detailed knowledge of where mobile devices are located, who is using them and what is installed on them, you can more easily identify and monitor potential security risks – such as suspicious machine movement, unfamiliar usernames, unauthorized downloads and other non-compliance activities. Proactive security measures can then be taken, minimizing loss, theft, the resulting data breach risk– and harsh regulatory penalties.
And in the end…
Managing mobile PCs, PDAs and smart phones is different from managing office computers. If you are the individual responsible for this aspect of a 21st-Century home health care agency or hospice, you have already realized that using traditional methods is difficult and less effective.
Mobile computers will leave your network, employees will tamper with them, and your line of sight into them will become muddied. By adopting systems which can accurately and automatically track them regardless of their physical location, resist tampering and do it all without a new server stack, you too can be an IT hero.
——————————
1Info-Tech Research Group, Where’s Your Laptop? Incorporating Laptops into IT Asset Management Practices, January 2010.
2 Ponemon Institute, The Cost of a Lost Laptop, April 2009.
3 Ponemon Institute, The Human Factor in Laptop Encryption.
