How to Offer Mobile Convenience While Keeping Health Data Secure

How to Offer Mobile Convenience While Keeping Health Data Secure

The solution isn’t to be afraid of mobile in healthcare

  • By Hoala Greevy
  • Mar 04, 2019

In every industry, companies work to figure out the best way to integrate mobile devices into both the front-end experience and in the workplace. As more and more people use phones as their primary (and sometimes only) device, becoming a mobile-first company means having a major competitive advantage.

The healthcare industry isn't distancing itself from this trend. In the past four years, the use of mobile- and tablet-based health apps has tripled — and nearly half of consumers used them in 2018. Besides this, 44 percent of people have used electronic health records in the past year to access information including prescription history, clinician notes, and laboratory data.

This mobile shift will be a boon to patient care and overall convenience in an industry that isn't always straightforward or seamless for patients.

However, while the world of mobile presents many opportunities, it also has potential pitfalls. The most pressing one is security: Something as simple as one lost laptop can compromise the data of 10,000 patients, as was the case for Raley’s supermarkets.

A data breach is bad for any company, but it can be especially catastrophic for healthcare organizations. There are strict regulations surrounding the sharing and use of patient data, but medical information is also deeply personal. A breach can cause damage to patient well-being.

The solution isn’t to be afraid of mobile in healthcare; it's to understand the risks and take the right steps toward protecting patients and keeping data secure. Preventing breaches before they happen is a necessary part of this process. The world is becoming increasingly mobile-first, and the healthcare industry needs to embrace that shift with healthy caution.

Four Steps to a More Secure Mobile Environment

Thankfully, there are some clear steps healthcare businesses can take to ensure the security of their mobile devices and provide convenience for patients. Here are four ways to start:

Teach employees about what can and can't go on mobile devices.

Ninety percent of hospitals are investing in mobile as a way to communicate within their systems. Although this could do wonders for efficiency, it also comes with its own vulnerabilities. It’s important to remember that one of the biggest threats to security will always be human error when rolling out these initiatives.

That’s why it’s important to make guidelines around dealing with data — and the risks associated with mishandling it — crystal-clear. It's crucial to ensure employees know what apps to download and have no confusion over policies surrounding the use of patient data on mobile.

With the right training, employees will be keenly aware that they need to take proper care not only of their devices, but also of the information that's on them. This should extend beyond just orientation. Hold annual reviews of your policy with each employee to ensure team members continue to comply with security best practices.

Encrypt everything.

No matter how cautious your employees are, someone will lose his phone at one point or another. As mobile devices will soon be ubiquitous throughout the healthcare system, it’s vital to protect sensitive information on these devices with strong passwords and encryption.

After all, encryption is the bare minimum any company can do with its customers’ data. When companies fail to implement it, this leaves millions of patients exposed.

This isn’t just about patient care, either — failing to encrypt your devices could result in massive fines. MD Anderson Cancer Center, for instance, was hit with a whopping $4.3 million fine for failing to encrypt its devices after having two thumb drives and a laptop stolen.

Make data accessible only through secure browsers or approved applications.

According to Malwarebytes, mobile devices are increasingly becoming the go-to target for hackers and other cybercriminals. This is in large part because we haven't taken mobile security as seriously as desktop security.

To better secure mobile devices, healthcare companies shouldn't conflate mobile access with access anywhere. Data access should be confined to specific apps or a secure browser. This will help ensure that patient information doesn’t get saved by accident and that when someone is viewing private data online, it's harder to intercept the connection. Requiring employees to use virtual private networks can also add an extra layer of security.

Keep work tasks separate from personal ones.

One dilemma for many companies is deciding whether to provide devices or offer a bring-your-own-device program. While the latter is more common nowadays and provides greater flexibility, it also opens up another potential weak spot in security. If work and personal life are both happening on one device, it’s easier for the two to become mixed up in potentially harmful ways.

If you do opt for a BYOD program, use a mobile device management tool to control how and when work apps are used on each mobile device. MDM tools offer the ability to encrypt data, monitor app usage, and remotely wipe or recover data. These tools also give you the ability to separate work use from personal use, meaning that apps and data meant for work aren’t accessible in any way through personal apps. If you’re not giving employees physically separate devices, this is the next best thing.

Another way to keep personal information from bleeding into work data is limiting who has access to company email on their mobile devices. Not everyone needs to send work emails from her phone, and keeping work email off of mobile means fewer chances for accidental exposure.

You can even go a step further and create a specific network only for personal devices. If there is a breach in this case, the damage doesn’t leak out into the rest of the system.

In many ways, mobile has the potential to create a better experience for patients and healthcare professionals. However, the convenience of mobile shouldn’t come at a cost to security. By taking the right steps, the healthcare industry can step confidently into a mobile world and rest assured that patient data is secure.

Featured

  • Maximizing Your Security Budget This Year

    7 Ways You Can Secure a High-Traffic Commercial Security Gate  

    Your commercial security gate is one of your most powerful tools to keep thieves off your property. Without a security gate, your commercial perimeter security plan is all for nothing. Read Now

  • Elevating Security

    Willis Tower, an iconic symbol in Chicago for more than 50 years, has undergone significant transformations to become a modern workplace and community hub that delivers the best experiences for its tenants, area residents and visitors. Originally known as Sears Tower, it was renamed Willis Tower after a change in ownership in 2009. Read Now

  • Digital Access in the Workplace

    It is simple to set up a unified, robust access control solution for one tenant leasing one building. It is even easier if the tenant owns the property. But what is involved when multiple companies lease space in a building? And what about companies that have multiple buildings in the same city or locations across various regions in the country and the world? Read Now

  • Texas City Replaces Locks on Intelligent Traffic Cabinets With More Secure Option

    The Transportation Services and Mobility department for the city of Grand Prairie, Texas recently completed a substantial project to replace the locks on their Intelligent Traffic Cabinets with a better and more secure choice. Turns out what they needed was only a few miles away with ALCEA’s Traffic Cabinet Locking Solution powered by ABLOY technology. Read Now

Most   Popular

Featured Cybersecurity

Webinars

New Products

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols. 3

  • Mobile Safe Shield

    Mobile Safe Shield

    SafeWood Designs, Inc., a manufacturer of patented bullet resistant products, is excited to announce the launch of the Mobile Safe Shield. The Mobile Safe Shield is a moveable bullet resistant shield that provides protection in the event of an assailant and supplies cover in the event of an active shooter. With a heavy-duty steel frame, quality castor wheels, and bullet resistant core, the Mobile Safe Shield is a perfect addition to any guard station, security desks, courthouses, police stations, schools, office spaces and more. The Mobile Safe Shield is incredibly customizable. Bullet resistant materials are available in UL 752 Levels 1 through 8 and include glass, white board, tack board, veneer, and plastic laminate. Flexibility in bullet resistant materials allows for the Mobile Safe Shield to blend more with current interior décor for a seamless design aesthetic. Optional custom paint colors are also available for the steel frame. 3

  • Compact IP Video Intercom

    Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis. 3