- BYOD policies are seeing a slight decline in popularity, according to a recent Spok survey, and it may be due to health data security and the challenges it poses on personal mobile device use. According to the study, BYOD usage has dropped 15 percent, meaning that in 2014 88 percent of respondents reported a BYOD policy, while this year only 73 percent of respondents do.
Many surveyed healthcare facilities cited the potential for patient information compromise as a primary reason why they do not adopt a BYOD policy. The study states that 81 percent of those who do not have BYOD policy in place report that it’s primarily due to the importance of health data security. Essentially, they believe the best way to protect patient data over mobile devices is to completely prohibit the use of personal devices altogether. Sixty-two percent of those that do have a BYOD policy feel that it is the biggest challenge when it comes to effective personal device use.
The survey indicates that one way to handle that challenge is by implementing defined regulations to BYOD policies. Eighty-nine percent of BYOD regulations cover device security. These regulations would allow organizations to spell out the expectations of the BYOD policy, such as utilizing only secure messaging systems when communicating with other physicians, or not using the device for personal use. However, the survey finds that only half of BYOD organizations use these kinds of regulations.
Furthermore, the survey found that less than half (47 percent) of healthcare providers use secure messaging systems at all. Of those that do use secure messaging, 78 percent cited PHI security as their primary concern. The survey also says that while secure messaging is more common in BYOD organizations than non-BYOD organizations, there was only a 4 percent difference between the two. Similarly, use of mobile device management (MDM) solutions are low, with the survey reporting only 27 percent of respondents utilizing the technology.
Considering the high priority hospitals put on device security, those statistics are surprising. However, the survey indicates that budgetary and IT issues may be the reasons for such lacking security measures as healthcare organizations continue to develop BYOD and patient data security policies.
According to an article on mHealthIntelligence.com, security strategies for BYOD are often similar to those used for other IT systems. For example, users are encouraged to put passcode locks on devices just as they do with other IT programs, or create a registry that would keep track of all devices and to whom they belong. HealthITSecurity.com offers other top tips in BYOD security, such as educating staff members on proper BYOD use as to prevent human error when handling sensitive patient information, and encrypting mobile devices. By implementing these strategies, healthcare organizations can open up new doors to better physician communication and information sharing.
“Looking to the future, leaders are seeking broader solutions to facilitate better transfer of information for comprehensive workflow improvements and optimal patient care throughout the hospital facility,” the survey said, noting the future for secure BYOD practices. “BYOD is a small piece of a much larger puzzle that is taking time for many institutions to frame and fill in the pieces.”