Share By Sachin Shenolikar
Using a personal phone to cover business matters is becoming common in corporate environments, and it’s rapidly evolving in medical settings as well. According to a recent Cisco study, 89 percent of healthcare employees use their smartphone for work.
The move to BYOD (Bring Your Own Device) is helping providers save money and has made it so doctors and nurses don’t have to lug around multiple devices. But it has also presented challenges concerning privacy, security, and storage.
“Mobile device management is really not taking off the way it was intended,” says Kenneth Bradberry, chief technology officer for Xerox Healthcare Provider Solutions. “We have to be able to support a wide variety of devices that users would bring in to the organization, which means you need to have a very clearly defined security policy.”
Four Things That Will Make BYOD Effective
Keeping Work and Personal Separate The first step is to have set protocols in place that effectively support devices with different operating systems that physicians and hospital staff will use. Bradberry says it’s also important to create secure “containers” on phones that can isolate protected data and applications. That way, physicians can work with medical data on BYOD phones without having to worry about it mixing with their personal information on the device.
Going to the Cloud: Another big next-step in the effectiveness of BYOD is the development of cloud computing. “[Medical records] have to be accessed from a cloud-type solution — that’s critical,” says Bradberry.
With successful cloud implementation, it can be possible to manage data and comply with HIPAA regulations without IT departments having to individually manage every device used at a hospital.
Backup Plans: Clearly defined security policies are important in order to reduce the impact of human error, such as a lost device. “Physicians are always on the run from floor-to-floor and room-to-room,” says Bradberry. “You can lose your phone or tablet. You can leave it on a plane, at a restaurant, whatever the case may be.”
Having the ability to remotely wipe the devices with geo-fencing technology will allow for better protection without being intrusive to doctors’ personal information. If a device is lost and a criminal tries to get into an application, hospital admin could reach out to those devices and prevent access.
Lines of Protection. Then there is the issue of knowing which devices are accessing your network and making sure data encryption standards are set. Healthcare organizations must be careful not to allow their personnel to use jail-broken devices because they can be security risks.
“To really put parameters around that protected information, there has to be a unique access point for any hospital application that would be accessed by these devices,” says Bradberry. “Setting guidelines and standards is important — bringing [users’ phones] into your standard as opposed to trying to create a standard that includes everyone’s technology or application.”
The BYOD market will continue to expand in the next three to five years. It will be up to healthcare providers to make sure their device security standards are tightened, protecting the personal information of both hospital personnel and patients. “All it takes is one significant breach for a lot of the BYOD strategies to start falling apart,” says Bradberry. “Security has to be a primary focus. As long as we’re making the right policy and architectural decisions, then there is a bright future for BYOD.”
Subscribe to our weekly newsletter to keep up with all of RealBusiness’ original stories.