3 keys to BYOD policy for hospitals

When the IT staff at Beaufort Memorial Hospital, in Beaufort, S.C., noticed doctors and nurse texting each other on their personal devices, they knew it was time to develop a bring-your-own-device (BYOD) policy.

Ed Ricks, vice president of information services at Beaufort, said in an Healthcare IT News article that he didn't want to police healthcare workers' personal devices, but their unencrypted texts were clearly HIPAA violations.

In an article at Healthcare IT News, offers three tips for making BYOD fairly easy:

  • Make the system invisible: Security and HIPAA compliance shouldn't bring cumbersome intrusions on workflow. 
  • Don't stop with personal devices: Ricks recommends desktop virtualization across the enterprise, allowing workers to access applications from any computer.
  • Make it simple: At Beaufort, workers use their ID badges, which come with an embedded radio frequency identification (RFID chip), so they can access any computer in the building--eliminating the need to remember and continuously log in an unwieldy number of passwords.

A focus group convened at the Healthcare Information and Management Systems Society (HIMSS) 2013 conference in March named security of mobile devices one of the biggest challenges for health IT. Many healthcare organizations are being dragged into creating BYOD policy as workers bring their consumer products to work.

A recent HealthcareInfoSecurity survey of about 200 healthcare CIOs, IT directors, CISOs and other senior-level employees found 58 percent allow personal devices at work, but only 46 percent encrypt data stored or accessed on those devices, raising the specter of security and compliance breaches.

Meanwhile, virtualization is among the technologies being adopted at an "aggressive rate" in healthcare, according to an HIMSS Analytics report calling it among the technologies to watch.

To learn more:
- find the article on Healthcare IT News

Suggested Articles

An assessment looking at 12 health systems that allow patients to download their health records to their smartphones via APIs finds modest uptake.

The National Institutes of Health-led All of Us precision medicine health research database project has enrolled 230,000 participants.

Hospitals must pursue a deliberate strategy for managing their public image—and a powerful tool for doing so is inpatient clinical data registries.