Medical offices using mobile need security policies

Healthcare, as with any other industry, is starting to see an influx of mobile devices in the workplace. TechTarget's James Brady wrote that these devices have emerged as one of the top drivers for improving the quality, cost-effectiveness, accessibility and even safety of care. However, organizations need to have mobile device management policies in place to ensure implementations go smoothly, as how much a provider benefits can be contingent on how mobile devices are adopted. Since healthcare can be so complex and features many regulations he said there needs to be well thought-out policies and rules in every business.

The first key to success, according to Brady, is knowing the stakeholders who will be affected by mobile workforce enablement.  The four key stakeholders include end users, clinicians, management and IT staff, all who have specific requirements that will need to be met by policies to have the program work. For example, end users usually focus on how they use their devices, what the password requirements will be, what happens if they use their device and if there are any reimbursement policies, but the other groups have different aspects that are important to them.

"Physicians and nurses require secure point-of-care mobile technology that will allow them to communicate with each other rapidly and in real time in order to do their jobs efficiently," he wrote on TechTarget. "Two important areas gaining traction in healthcare settings are secure text messaging and Wi-Fi integration to provide coverage in areas where cellular signals are weak. Recent research indicates that clinicians' involvement in technology decision making and the use of a single mobile device improve the quality of care they can provide, and increase physicians' and nurses' efficiency."

A recent survey by Deloitte shows just how important it is to get the program correct, especially for doctors, as 43 percent use smartphones, tablets or other mobile devices for clinical purposes. Of those that don't use them 44 percent said their company doesn't provide mobile devices and they are afraid to use their own, 29 percent were worried about privacy and 26 percent said the apps were not suitable for their needs. Twenty-two percent said they had plans to use these apps for work in the future, showing just why each organization needs to start thinking about how they can support these users.

Policies, strategies and other management requirements of mobile
Other than figuring out how each user will tackle their own utilization of mobile devices, organizations must figure out how they can develop policies that these users will accept, according to what Brady wrote on TechTarget. There must be a balance struck between the terms and conditions that are needed to improve security and what features are most useful to employees. Compliance, for example, is something that every healthcare business needs to keep in mind before creating any rule and doctors, end users and others within the company need to know just how important it is.

Defining the mobile device management strategy and software is another key, Brady said, as this can help decide how  password settings, remote wiping, web browser capabilities, email and other aspects of the system will work. He also said content management provisions are important to provide encryption, control screen captures of sensitive content and give access.

"Recent … architectures allow for all sensitive content to be accessible without any data being stored on the device," he wrote. "In addition, mobile application management, or MAM, which provides mobile application delivery and app store management, blacklist and whitelist management, and application tracking and security, is gaining an increased footprint in the healthcare space as organizations invest in developing customized mobile healthcare applications."

Consumerization News from SimplySecurity.com by Trend Micro.

Leave a Reply