Could Healthcare BYOD Policies ‘Bring Disaster’ for Security?
By - As more providers find healthcare BYOD policies beneficial among physicians, nurses, and other medical staff, a common fear throughout the industry is the potential for a data breach. Patient data security risks continue to dominate the discussion for healthcare BYOD policies.
In fact, at the New York Institute of Technology’s annual cybersecurity conference last month, Allison Wikoff, intelligence analyst for Dell SecureWorks, described BYOD as standing for Bring Your Own Disaster now that privacy and security risks remain high with the use of personal mobile devices, according to a press release from the New York Institute of Technology.
“The unrelenting velocity of information requires fast decisions; speed is key, as is resiliency,” Rob Evans, Director of Business Development, Air Command and Control Solutions at Northrop Grumman, said in a public statement. We are “seeing a shift from cyber security to cyber resiliency, and the need to predict and prepare for vulnerabilities.”
Along with healthcare institutions, corporations are encouraged to restrict their enemy’s actions within any network. Gregory Conti, Ph.D., Director of the Army Cyber Institute in the U.S. Military Academy, told attendees of the cybersecurity conference to “think like your adversaries.”
“Protect what is most important to your organization; that's what is most valuable to your adversaries,” Allison Wikoff said at the conference.
Eric Goldstein, of the Department of Homeland Security's (DHS) Office of Cybersecurity and Communications, believes strongly in improving interoperability and data sharing between the federal government and the private sector.
With healthcare BYOD policies becoming a mainstay among multiple hospitals and medical facilities, it grows vital to address cybersecurity risks and patient data privacy requirements.
Along with alert fatigue, the healthcare industry may need to prevent cyber fatigue as well. Goldstein also mentioned high numbers of cyber alerts – as much as 1,000 per month – causing cybersecurity analysts to bypass and not notice potentially important messages.
Currently, there are several industries including healthcare that need additional support when it comes to protecting data from cyberattacks including the privacy risks of healthcare BYOD policies.
Countless reports and studies come out showing that healthcare BYOD policies need stronger privacy and security features. For instance, HealthITSecurity.com reported on a study showing that 20 percent of analyzed apps did not have a security policy in place while 66 percent lacked encryption when transmitting data over the Internet.
The study also shows that half of the mobile apps analyzed included privacy and security policies but did not provide any information on whether personal data would be sent during Internet transmissions.
Despite the potential security risks associated with electronic patient data, the digital technology space has truly pushed forward healthcare reform and improved the quality of care across the industry.
