The distinct pressure points, privacy issues of BYOD in health care
March 25, 2014

The health care sector has been a hotbed for technological innovation in recent years, as more providers adopted novel tools such as cloud computing, electronic medical records and mobile devices to improve patient care and drive efficiency. Organizations in this industry are covered by some of the most stringent regulatory compliance statutes in all of North America, which makes handling trends such as BYOD more difficult.

However, medical firms are accomplishing a variety of deployment projects in a secure fashion by leveraging more effective and progressive access control and identity management solutions. With technology such as multi-factor authentication, BYOD can be a major productivity driver for physicians without putting their hospitals or other organizations at unnecessary risk of breach. 

BYOD-specific concerns
FierceMobileIT recently reported that one of the major concerns about BYOD in health care is the potential for data sprawl and unauthorized access to patient information. The trickiest part of this fear is that the average medical organization is experiencing pressure from physicians and other practitioners to have the ability to use their smartphones and tablets at the point of care, or for telehealth purposes. 

On top of that, EMR access must be high in accordance with several regulatory compliance statutes, meaning that the provider cannot necessarily balk on a mobility of digital patent information strategy. According to the news provider, one of the first methods of driving security in BYOD-enabled environments is beefing up the actual device's security through the use of two-factor authentication rather than only one. 

The source quoted an executive from Dell Healthcare and Life Sciences, August Calhoun, who believed that providers must be proactive and comprehensive in their security standards, covering endpoints and the native systems themselves. 

"Connected security starts with housing all your data and applications in a secure data center, creating virtual desktops for all users and eliminating storage of data from all devices not housed in the data center," Calhoun described, according to FierceMobileIT. "This creates a layer of security around the web of older applications and data silos that exist in many hospitals, instantly reducing their vulnerability."

Get it right or pay the price
HIT Consultant recently cited a finding from the Ponemon Institute that revealed 90 percent of health organizations that responded to a survey had experienced at least one data breach in the past 24 months. The source suggested that health care providers can better defend themselves by taking endpoint security seriously and implementing the necessary access controls to become more resilient to breach. 

One of the more important points that is often overlooked in this arena is the need for intuitive solutions that drive the user experience. Although one might think that the most secure solutions will be those that make it difficult to access a device or application, this line of thinking will lead to more user errors and rogue activities. 

Instead, multi-factor authentication solutions can be used to bolster the user experience while creating more layers of security to defend against hackers and exposed information.