Bring Your Own Device (BYOD)

Bring your own device is an increasing trend towards employee-owned devices within business. BYOD is where organizations allow employees to use their personal devices for work purposes. The proliferation of smartphones, tablets, and laptops has given rise to BYOD. Bring your own device model has a significant impact on the healthcare system (Garba et al. 2015). For instance, physicians and other health professionals are getting health information through emails and opening them on their phones. Besides, health information can be automatically uploaded to a cloud platform, which can be easily accessed by healthcare providers using their own devices. However, with the increasing trend of BYOD becoming an integral part of daily operations in healthcare organizations, there is a need to comprehend BYOD security and overall healthcare mobile security.

Security Issues Associated With BYOD

One of the major security issues associated with BYOD is that personal devices can be lost or stolen. If the device has patient health information stored in it, then a healthcare organization can be at risk of data breach. The three most vulnerable forms of stolen or lost patient information are employee records, patient billing information, and non-patient records. Data breaches can lead to unauthorized access to healthcare information, which often exposes sensitive information from personally identifiable information such as patients’ medical histories, health insurance information, addresses sensitive health data, names, and social security numbers (Garba et al. 2015). There, BYOD brings increased responsibility to clinicians when they use their own devices. Due to the vulnerability of patient information, which may be stored in personal devices, physical safeguards are needed in these devices, which are a key component to maintaining security measures. According to the U.S. Department of Human Health Services, health organizations should implement procedures, policies, and physical measures to protect health information from unauthorized intrusion and natural and environmental hazards (Wang, Wei, & Vangury, 2014).

Another security issue associated with BYOD is mixing personal and professional use of mobile devices. With the increasing trend of BYOD, health professionals are concerned about the loss of privacy in personal communication. BYOD may compromise professional behaviour, especially when personal information is accidentally conveyed to the wrong person. BYOD in the healthcare environment requires a shift in culture that revolves around transparency. Without transparency in BYOD, neither the users nor the policymakers will achieve the intended purpose of this initiative (Wang, Wei, & Vangury, 2014).

According to Garba et al. (2015), insecure networks are also another security issue associated with BYOD. The convenience that allows employees to use their devices in the work environment allows other people to intercept their data. When healthcare professionals use their devices, which contain health information for their organization, on an unsecured Wi-Fi, they put their organization’s data at risk. Prospective studies indicate that mobile devices are at risk of getting exposed to an attack when connected to unsecured Wi-Fi, especially when not connected to the company’s VPN.

Addressing Security Issues Associated With BYOD

The administration should ensure that the employees are aware of the security concerns related to BYOD. Awareness among the employees may be created by educating them on the potential harm associated with BYOD to avoid any of these security issues at all costs. Besides, unified threat management and an application-layer firewall can help secure a BYOD initiative within an organization once these devices are appropriately synced with the existing security systems. These security measures should be made mandatory for all employees taking part in BYOD to prevent security issues relating to possible data breaches that may occur in the organization’s network (Bello et al., 2015).

References

Bello Garba, A., Armarego, J., & Murray, D. (2015). Bring your own device organizational information security and privacy. ARPN Journal of Engineering and Applied Sciences, 10(3), 1279-1287.

Garba, A. B., Armarego, J., Murray, D., & Kenworthy, W. (2015). Review of the information security and privacy challenges in Bring Your Own Device (BYOD) environments. Journal of Information privacy and security, 11(1), 38-54.

Wang, Y., Wei, J., & Vangury, K. (2014, January). Bring your own device security issues and challenges. In Consumer Communications and Networking Conference (CCNC), 2014 IEEE 11th (pp. 80-85). IEEE.