When the IT staff at Beaufort Memorial Hospital, in Beaufort, S.C., noticed doctors and nurse texting each other on their personal devices, they knew it was time to develop a bring-your-own-device (BYOD) policy.
Ed Ricks, vice president of information services at Beaufort, said in an Healthcare IT News article that he didn't want to police healthcare workers' personal devices, but their unencrypted texts were clearly HIPAA violations.
In an article at Healthcare IT News, offers three tips for making BYOD fairly easy:
- Make the system invisible: Security and HIPAA compliance shouldn't bring cumbersome intrusions on workflow.
- Don't stop with personal devices: Ricks recommends desktop virtualization across the enterprise, allowing workers to access applications from any computer.
- Make it simple: At Beaufort, workers use their ID badges, which come with an embedded radio frequency identification (RFID chip), so they can access any computer in the building--eliminating the need to remember and continuously log in an unwieldy number of passwords.
A focus group convened at the Healthcare Information and Management Systems Society (HIMSS) 2013 conference in March named security of mobile devices one of the biggest challenges for health IT. Many healthcare organizations are being dragged into creating BYOD policy as workers bring their consumer products to work.
A recent HealthcareInfoSecurity survey of about 200 healthcare CIOs, IT directors, CISOs and other senior-level employees found 58 percent allow personal devices at work, but only 46 percent encrypt data stored or accessed on those devices, raising the specter of security and compliance breaches.
Meanwhile, virtualization is among the technologies being adopted at an "aggressive rate" in healthcare, according to an HIMSS Analytics report calling it among the technologies to watch.
To learn more:
- find the article on Healthcare IT News