Friday, April 19, 2013
Healthcare providers facing major security challenges as BYOD policies expand
Healthcare providers face countless challenges as they strive to provide quality care for patients while keeping costs down and ensuring the integrity of the organization as a whole. Inevitably, technology plays a major role in all of these areas. Advancements have made physicians able to diagnose and treat a huge range of diseases and ailments more efficiently, and therefore more cost-effectively. And thanks to the rise of electronic medical records (EMRs), care providers are now able to easily and instantly share patients' health data, allowing physicians and nurses to make more informed care decisions.
However, in some ways developing technologies also pose potential threats to care providers. The rise of the bring-your-own-device (BYOD) trend is a key example of this. As Lindy Benton, writing for mHIMSS, recently asserted, care providers need to make sure that their BYOD policies protect the firm's data and achieve compliance with the Health Insurance Portability and Accountability Act (HIPAA).
BYOD and security
Benton noted that BYOD has quickly become an accepted practice among many healthcare organizations, as they have recognized the inherent utility of these solutions. BYOD provides a heightened level of convenience and significant cost savings for the firm.
Yet the risk of a data breach goes up significantly when employees of any organization begin to utilize their personal devices for work-related purposes. And while this is a major concern for any firm, it is particularly important for healthcare providers due to the nature of the data they collect, send and receive. Furthermore, as Benton highlighted, the HIPAA Omnibus, which went into effect on March 26, equates data breaches with patient harm. Consequently, any organization responsible for data which is exposed or lost can face major repercussions from regulatory authorities.
"The challenge is that mobile technology and all its related benefits have become the norm in real-time communication in our society," said Guillermo Moreno, vice president and managing director of the Experis Healthcare Practice, the news source reported. "When applied to the healthcare space, however, a person's privacy and security must be considered equally as important as convenience and cost."
Not only will a data breach potentially lead to large fines and other sanctions, but it will also tarnish the healthcare provider's reputation, which can hurt its ability to attract personnel and patients in the future.
To ensure the integrity of BYOD policies in healthcare settings, Benton asserted that organizations should pursue applications that prevent the local storage of patient data on mobile devices and ensure HIPAA-compliant document storage, transmission and capture, among other criteria.
Additionally, healthcare firms should consider investing in secure file sharing tools designed to accommodate BYOD deployments. Specifically, organizations should look for solutions that operate with minimal required effort on the part of users, which greatly increases usage rates and therefore improves the overall integrity of the firm's data.