HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

Healthcare BYOD Schemes Here to Stay Says Ovum

IT Research firm, Ovum, has released details of a study conducted on full time IT workers’ participation in Bring Your Own Device (BYOD) schemes, and for the second year running participation has remained steady at around 60%.

Healthcare professionals are using Smartphones and mobile devices at home, and they the preferred mode of communication for many physicians. They offer speed, convenience, practicality and they are familiar; as well as allowing the user to be in touch around the clock.

However, being made to leave the devices at home or in lockers when coming to work, and instead being forced to use outdated modes of communication – such as pagers – is not something that all workers agree with. Many ignore company policies and bring their own devices to work anyway, even when BOYD schemes are not in place.

The study showed that 15.4% of employees who owned their own Smartphone took it to work and used it and did not report use of the device to their IT department, while 20.4% said their employers were anti-BYOD yet they still took their devices to work and used them. If a fifth of employees are using their phones at work, potentially an awful lot of HIPAA violations are happening every day.

Get The Checklist

Free and Immediate Download
HIPAA Compliance Checklist

Delivered via email so verify your email address is correct.

Your Privacy Respected

HIPAA Journal Privacy Policy

Personal use of tablets is on the increase, and now 44.5% of full time workers have one of the devices with usage having risen from 28% last year. The devices are primarily being used for email and calendar management, but the research indicates that usage is changing, with the devices being used more for file syncing, VOIP calls, social networking and instant messaging (IM). Employees are also downloading an increasing number of apps.

These apps are not being sourced through approved channels in many cases, with 25.6% of respondents saying they found their own enterprise social networking apps, 21.1% found their own file sync options and 30.7% discovered, downloaded and set up their own VOIP and IM apps.

Once problem with BYOD schemes and mobile usage at work is employers are simply not prepared for the issues that surround device usage at work. 46% of respondents claimed that their organizations were not fully prepared for BYOD issues, 39% of devices did not even employ password protection or other basic security measures and more than half of healthcare professionals used the devices to communicate over unsecured Wi-Fi networks.

Unless organizations implement BYOD schemes and ensure that appropriate security controls are installed, HIPAA violations and OCR fines can be expected.

Fortunately there are a number of methods that can be used to improve the security of the devices, allow access to important information, integration with EHRs and ensure communication is encrypted. By using these technologies the devices can be HIPAA-compliant and their full benefits can be obtained.

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered on HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has several years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics.