BYOD and secure messaging

Sixty-nine percent of CIOs said their hospitals see mobile strategies as a key initiative to improve clinical and operational outcomes.

–MedCityNews.com

This statistic presents a strong viewpoint on how healthcare sees its future and how technology will play into it. Clearly, mobile will play a major part. However, the question that remains is whose mobile device will be used given that relatively few hospitals have fully implemented secure mobile messaging applications. Strong consideration should be given to bring your own device (BYOD) policies and secure messaging policies as they would expedite the implementation of mobile strategies. Additionally, BYOD and secure messaging would allay many concerns related to security and cost.

The goal of this blog is to examine the perceived risk from BYOD and highlight why BYOD, with secure messaging, is the correct mobile solution for hospital communication. This blog will examine the following points:

• Why pagers continue to hold sway in healthcare
• Why BYOD faces opposition
• Why BYOD is uniquely positioned to improve hospital secure messaging
• Impact of providing BYOD secure messaging policy

Why pagers remain a familiar nemesis

Today, even after so much is known about how pagers can leak personal patient data, pagers continue to be used by close to 80% of clinicians.  Overall, 21 percent of respondents to the same study indicated that they receive identifiable patient information on the pagers and 41 percent received messages that included some identifiable information. What these statistics demonstrate is that healthcare continues to face a deficit of action. Although it is well known that sending identifying patient information over pagers is not HIPAA compliant, hospital employees continue to do so in part because the perceived risk of compromising patient information is minimal.

Why BYOD continues to face opposition

This blog could, to some extent, answer CIOs’ concerns by informing them that pagers are a significant source of non-secure messaging. However, CIOs are equally concerned about employees use of their own smartphones to exchange patient information.  CIOs fear that use of BYOD will expose secure patient information to further vulnerabilities.

Indeed, security is the fear that wags the mobile dog. CIOs worry that by enabling further BYOD use, they will expose their institutions to unknown risk. And this fear is not without validation as a significant source of intrusions is from lost or stolen devices. Companies that have implemented BYOD often struggle to protect against data loss and ensure that communications remain secure. As a result, many enterprises are scrambling for ways to combine BYOD and secure messaging policies.

What BYOD and secure messaging can do to improve hospital communications

An important part of effective BYOD management is managing the potential risks that come from actual BYOD use and ensuring effective secure messaging. When hospital employees are beneficiaries of a BYOD policy, they can download messaging applications. Yet the question that remains is how can CIOs ensure that these applications are the right, secure applications?

Management of BYOD security needs to be the focus of any secure messaging engagement as that is where the security begins. CIOs need to ensure that the applications they bring on provide:

• A secure sign-on process: Password enable access to the smartphone as well as access to the application
• Encrypted messaging: Messages should be encrypted both at rest and in transit
• Incorporate delivery and read receipts: Make sure that messages come with an audit trail so receipt can be ensured. This step provides security as it ensures the intended path of the message has been followed.

Conclusion

Hospitals are continually concerned about healthcare costs and the impact that bringing on new policies like BYOD will have on their bottom line and security. However,  as this blog has discussed, with proper attention paid to which applications they download, CIOs can ensure their hospitals download apps which are secure, HIPAA-compliant, cost effective and ensure secure messaging.

To get more insight into how BYOD can improve secure messaging, download our whitepaper.