In our recent healthcare survey, we found that 61% of hospital and health systems have at least 50% of their employees using mobile devices for work. Although BYOD devices are being used by hospitals, with 36% of these accessing protected health information (PHI), 63% of these healthcare organizations do not have a formal policy for BYOD.
Our survey revealed that the top concerns about mobile devices are regulatory non-compliance, the risk of information breach and providing inaccurate information to users. There have been numerous high profile incidents proving that these concerns can be valid, if no precautions are taken to protect the data at risk.
The benefits of BYOD on employee productivity, costs and better healthcare service to patients are pushing BYOD adoption up in healthcare. Healthcare organizations need to be aggressive in setting up protections for data to avoid a high profile security incident.
As noted by iMedicalApps, lost and stolen devices are a reality that all healthcare organizations need to face. As these devices become increasingly integrated to healthcare systems and have greater access to PHI, data controls need to be in place. Whether the device is BYOD or company-owned, the easiest solution for device management is to focus on the data, not the device. When you define your data by the individual, you have a greater control over understanding what data access is needed, where the data is being used and how to respond if a security incident occurs.
The approach may sound very open, but it is not a free-for-all; devices that do not meet minimum security requirements can be blocked from accessing the network and BYOD devices need to be registered and controlled in the event the device becomes non-compliant. As the article on iMedicalApps suggests, the ability to remotely wipe non-compliant devices, as provided by Absolute Computrace, is key to protecting data at risk.
To learn how to better manage BYOD in healthcare, visit our healthcare solution page or read our guide on How to Implement a BYOD Policy in 3 Simple Steps. For more on this topic, sign up for our webinar on September 26th: Safeguarding Healthcare Endpoints & Data.