The increased use of healthcare mobile devices has provided caregivers with access to patient data on the go and...
at the bedside. But with the ongoing security threats targeting the healthcare industry, hospital IT departments must take a new approach to mobile device management and security.
Securing health data has always been a top priority for healthcare organizations. Before mobile devices and BYOD became popular, hospitals were better able to control what data was accessed, how and by whom. By using desktop management tools and restricting access to corporate devices, hospitals had more control over and confidence in the security of their data.
However, mobility is quickly becoming popular for access to data on the go. Hospitals have been outfitting their facilities with upgraded wireless infrastructure to keep up with the demand for speed and connectivity. One challenging aspect of a wide mobility rollout and its adoption in healthcare is how to secure sensitive information on corporate- and employee-owned devices. This new complexity has required IT to take a different approach to managing these devices.
One of the new strategies that hospitals are adopting to address the security concerns around healthcare mobile devices is the use of security tools and techniques that can tackle identity, device, application and content management.
Identity management secures data upon entry. To ensure that the data is only accessible to authorized users, implementation of identity management systems is a must. A hospital must be able to use identity protection techniques that support multifactor authentication (MFA) and the detection of hijacked accounts that commonly result from stolen usernames and passwords.
Mobile device management (MDM). Hospital IT staff previously managed computers and laptops using asset management applications. With the recent increase in healthcare mobile devices, MDM became the new platform that enabled IT to secure those devices. MDM offers an easy way for a device to be locked down if it's lost or stolen. It also ensures that certain configurations are in use to protect the device and the data it accesses.
Mobile application management. The rise of BYOD has also created new challenges for IT as more users seek to use their own personal devices for work-related tasks. That means IT must identify ways to protect the data accessible to personal devices without overstepping their boundaries. MDM vendors have introduced mobile application management as a new way to apply controls and restrictions at the application level by containerizing the content so it's no longer accessible to a device's operating system and apps.
Advanced auditing and tracking. Another area healthcare organizations are looking at when it comes to enterprise mobility management is auditing -- the ability of the system to offer advanced reporting and tracking to monitor and detect any abnormal behavior. Having access to such capabilities provides IT with a method to proactively detect and address potential security issues.
Whether physicians use their mobile device to review patient charts or patients fill in their medical history on a tablet at check-in, healthcare mobile devices are increasingly becoming the norm. While users feel comfortable with their lightweight "mini computers," IT still faces the realities associated with implementing the right tools to protect health data. Enterprise mobility systems are designed to support the maintenance and protection of mobile devices -- but they're not bulletproof.
The tools and techniques available today have certainly proven to make the hacking of mobile devices far more challenging. With the continuous security threats facing healthcare, however, IT must remind end users through training and education how to stay vigilant and recognize security vulnerabilities.
Seven tips for securing mobile devices in healthcare
Healthcare mobility is on the rise, but concerns remain
Mobile in healthcare can benefit from cloud use
- Secure and Manage Mobile Devices, Desktops, Apps and Content –MobileIron
- Mobile Malware Hits ActiveSync-Only Devices –MobileIron
- Integrating Mobile Device Management with UC Systems and Features –SearchSecurity.com
- The Criminal Justice Information Services (CJIS) Compliance for Mobile Devices –MobileIron