- Has your hospital or clinic adopted a Bring Your Own Device (BYOD) policy? If so, these devices will need to be encrypted and the information stored on them be kept confidential and secure from cyberattacks.
The need for improving data privacy and security within mobile health devices has been called for by many health IT experts. Since mobile devices allow for data sharing and greater mobility within clinical facilities, more healthcare providers than ever before have embraced using smartphones and tablets to collect data and communicate with other healthcare professionals. However, BYOD policies may be risking the data security of patients and healthcare organizations. In fact, it may increase the likelihood of data breaches in hospitals or clinics that have an unregulated BYOD policy.
A Caradigm infographic states that patient privacy and security are at higher risk than in past decades, as BYOD has come into the picture, mobile device adoption has risen, and poor encryption policies have affected data security.
The infographic shows that 69 percent of physicians view patient information via mobile applications, 49 percent use mobile apps for education or training purposes, and 42 percent receive clinical notifications through their mobile devices. Additionally, only 15 percent of hospitals don’t allow personal devices to be connected to their system’s Wi-Fi.
As more providers focus on population health management, they gain access to ever more data, which puts them at greater risk of breaches through the use of personal mobile devices. Additionally, the push for greater interoperability and sharing of data could be dangerous if an insufficient BYOD policy is in place.
The infographic also illustrates that criminal attacks on medical organizations has risen significantly. In 2010, 20 percent of organizations reported being attacked while in 2014, that number rose to 40 percent.
While the likelihood that using mobile devices in the healthcare setting will improve care is important to consider, it is also incredibly imperative to protect medical information whether it is stored in the cloud, on personal mobile devices, or on a hospital’s server system.
“Cyberattacks are a clear and present threat to every industry, in every country throughout the world,” Michael Chertoff, co-founder and executive chairman of the Chertoff Group and former head of the U.S. Department of Homeland Security, said in a company press release. “This threat is real and industries need a proactive and coordinated approach to protect their assets as well as their intellectual property. We have seen a number of attacks to critical industries in areas like the Middle East and the U.S. and these have had major impacts on their operations.”
Last year, HealthITSecurity.com reported on the security risks with a BYOD policy and discussed a survey in which most respondents stated plans for investing in technical safeguards and physical security strategies. More CIOs and managers at hospitals and clinics will need to plan on developing effective privacy and security measures especially if BYOD policies are in place at their organization.