Make mobile device security a priority

It’s no wonder that health systems continue to struggle with bring-your-own-device (BYOD) policies. Physicians, clinicians, techs and support staff live and die by their devices, just as workers in about every other industry do.

But healthcare is different because of the emphasis on safeguarding protected health information (PHI). A single penetration can expose tens of thousands of medical records and potentially lead to investigations and sanctions that could cost a provider millions of dollars and loss of patient credibility and trust. In February 2017, Children’s Medical Center of Dallas paid a civil penalty of $3.2 million related to the theft of an unencrypted mobile device in 2009 and the theft of an unencrypted laptop four years later.

Eye-popping fines give the healthcare C-suite pause as whether to allow personal devices in the workplace. However, the penetration of BYOD continues, with seven in 10 hospitals allowing the practice, compared with 58 percent in 2016, according to research from communications company Spok. But even absent a policy, 63 percent of physicians and 41 percent of nurses use their own devices at work—even when BYOD is prohibited.

To read the full article, visit Becker’s Health IT & CIO Review.