Hospital security exec: BYOD can work at a large medical research center, if done right

Michael Pinch, chief information security officer at the University of Rochester Medical Center, recently spoke to Healthcare IT Security about hospital bring-your-own-device policies. Pinch, who secures and manages more than 15,000 devices all across three hospitals connected to the organization's network, said that regardless if provider executives love or hate the idea of BYOD, that's where we are today. "You really can't put the cat back in the bag once you've [started allowing BYOD]," Pinch told said. "We just have to address the problem."

He said that his facility boasts a 100 percent encryption policy, regardless of storage medium. "[W]e write policy to the data, not necessarily the type of device," Pinch said. He advised dividing user access between those who touch protected health information (PHI) and those who are just researchers for an organization. Article

Suggested Articles

Nearly 10,000 patients involved in research studies were impacted by a third-party privacy breach that may have exposed their medical diagnoses, test results…

Veterans Health Administration medical facilities currently have a paper medical record backlog that if stacked up would be 5.15 miles high, according to the…

The Department of Health and Human Services announced proposed changes to privacy restrictions on patients' substance use treatment records.