#BYOD#Bring Your Own Device#hospital#security#IT security#BYOD

How To Manage BYOD Systems In The Healthcare Arena

Follow @HealthCareG The Bring Your Own Device (BYOD) trend has gained traction within the healthcare and medical space and it offers a number of benef...

Admin
|Feb 26|magazine12 min read

 

The Bring Your Own Device (BYOD) trend has gained traction within the healthcare and medical space and it offers a number of benefits for both large and small health institutions. However, the BYOD trend also presents a number of challenges, chiefly related to security. Security within the medical arena is hugely important, not only owing to patient confidentiality, but also because prescriptions and medical records are shared electronically and can be extremely damaging if they fall into the wrong hands. Until very recently, medical institutions and hospitals have also been more concerned with focusing on their core business than dealing with IT security, but the reality is that in today’s world security challenges need to be addressed if hospitals are to take advantage of the value of BYOD without falling foul of the problems it can bring. The debate surrounding data security has become even more prevalent in recent months, after figures suggest that 85 percent of hospitals are introducing BYOD as a concept.

For healthcare institutions, the concept of BYOD can be enormously beneficial. It can help to increase productivity, as every individual has their own preference on how they work best, and BYOD lets them use the device of their choice, with which they are already familiar. There is also a cost saving benefit, since the institution no longer needs to buy specific devices. However, while the flexibility and person aspect of BYOD is one of its benefits, it is also one of its biggest weaknesses, since this concept is prone to opening an organisation up to a host of security concerns. Currently, the trend is such that doctors have limited access to institution specific applications, however this level of engagement from personal devices is on the rise each and every day.

Ensure Correct Permission Is Granted To Users

In order to react to this changing trend, the challenge is to find the right balance of access for authorised users, while ensuring that unauthorised persons cannot gain access to the hospital’s network. Chief Information Officers need to prevent unauthorised access to data, and ensure that permissions are setup properly to achieve this while allowing doctors and medical staff to access the information they need.

However, BYOD and the security challenges surrounding it are not the only security issues faced by hospitals. If a hospital is considering rolling out a fully operational BYOD system it would be well advised to set strict guidelines regarding password and login user information. Leaving standard passwords or having weak passwords on the devices means that outside users can gain access to the network. Internet security is also important, and it is necessary to have adequate firewall technology in place to prevent external threats.

Circling back to the issue of BYOD, there are several other security concerns given the mobile nature of these devices. Because they are portable, they are more likely to get lost or stolen, which means that sensitive information could be compromised. Using built-in features such as screen locks and passwords is a simple but necessary step to preventing the casual attacker. It is highly recommended that healthcare institutions invest in security technology that enables the encryption of sensitive information, as well as the ability to remotely wipe the device should it go missing.

DoctorMobilePhone.jpg

BYOD Schemes Allow Doctors To Use The Mobile Devices They Feel Most Comfortable With

Ensuring Safety When Working Remotely 

It is also necessary to allow users on mobile devices such as laptops and tablets to access the institution’s network when they are not on site. Securing remote access can be done either by ensuring a very strong password is in place, or by hard coding access for specific devices using each device’s unique MAC address. This will block any devices that are not permitted from accessing the network. Remote desktop technology is another option, allowing the user to access the server as if they were in the hospital, ensuring that the same security policies apply to remote working as they do on site. It is also possible to set up a Sharepoint site that allows users to access common data via the Internet, with passwords to authenticate users and access.

BYOD offers many benefits to health institutions, and is a convenient way of allowing users to work on technology they feel comfortable with. However, it does present security challenges on top of those already faced. When it comes to securing the organisation, this often is not a core focus or priority. It is therefore often a good option to partner with a reliable and reputable IT service provider that will ensure security solutions meet requirements, are fit for purpose, and will allow medical institutions to benefit from the technology without falling prey to attacks and security threats.