Benchmark Awards 2019 Finalists: Melanoma Institute creates secure workspace

When Ernie White took the CIO's seat at Melanoma Institute Australia a little over a year ago, his mind soon turned to security.

The Institute’s (MIA’s) researchers work across Macquarie and Sydney universities, while some of its own team at the Poche Centre collaborates with researchers in Norway, the Netherlands and Canada.

Some of the Institute’s researchers also work in hospitals across Sydney.

The data they work with can include patient records and the Institute’s colossal database of melanoma-related research and records, which is used to research therapies for melanoma.

MIA therefore needs to let researchers around the world access data and share it securely, while complying with Australian, European and Canadian privacy regulations.

And White said he also had to do so without any learning curve for users, as many combine research with a medical practice and therefore just don’t have the time or tolerance for tools that take significant time to learn.

The Institute’s users therefore used email and cloud sync and share tools to communicate and share data.

Which was a worry: White discovered MIA could not effectively track who had accessed the Institute’s data and whether data like patient records were appropriately handled.

His response was to investigate enterprise workspaces and he settled on BlackBerry’s WorkSpace.

White said integration with Outlook was a critical factor because clinicians just use email to share data, as they’ve done in the past.

But email is now back-ended by an enrolment system that logs senders and recipients into a BlackBerry-managed application that encrypts data at rest and in-flight.

The Institute can apply DRM to documents so they can only be viewed on machines running the appropriate software and by people invited to do so. Documents and data can be “time-bombed” to expire access.

MIA’s Board signed off on the purchase and so did the organisation’s Clinical Committee, which represents practitioners. White is proud of the latter as it shows the tool was not considered an impediment to delivering patient care or conducting research.

That outcome’s important, but White also feels MIA is now in a position that it can explain its security stance quickly and easily.

That matters for an organisation that secures half of its funding from grants. It also matters to patients, who can be leery of their records being shared among hospitals and offshore researchers.

“If you lose a patient’s trust, you're done,” White said. He’s now confident patients don’t have cause to worry.

MIA’s BlackBerry software runs in Azure and White has no qualms about that. MIA’s data remains on-premises in EMC SANs (but White is now pondering a hyperconverged replacement).

This project has been named a finalist in the Health category of the iTnews Benchmark Awards 2018/19.