Mobile devices are changing healthcare as more employees use their smartphones and tablets for work. Physicians and nurses are using their devices to check email, receive lab results, message with their team, and even add notes to the EHR. If you are a healthcare provider using your smartphone or tablet at work, you need to be aware of your organization’s mobile device policies.
Why mobile device policies matter
As a healthcare provider, each time you use your smartphone or tablet for work you need to be conscious of protecting patient data. HIPAA rules require organizations to secure individuals’ electronic protected health information (e-PHI). Increasingly, hospital and clinics have mobile device policies to ensure efficient, secure use of smartphones, tablets and laptops.
According to a recent survey, roughly three quarters of providers say their hospital allows some form of “bring your own device” (BYOD) use. But about half of doctors and nurses say they use their personal devices for work even when BYOD is not allowed. The result is that a lot of patient data is shared between unsecured devices.
This is changing as more healthcare organizations develop policies for smartphone and tablet use. A 2018 survey of healthcare IT decisions makers found that 91 percent believe their clinical care teams could benefit from a mobile device initiative. About 80 percent of organizations already have a mobile device management solution in place. With these initiatives, organizations are tightening their mobile device procedures as a way to ease communication, save costs, improve provider workflows, and keep patient data secure.
Know your organization’s policies
These 7 tips can help you begin to understand your healthcare organization’s mobile device policies and procedures.
- Find out if your organization has a mobile device policy. Get a copy and read it, or ask your health IT contact person for an overview.
- Determine if you are allowed to bring personally owed mobile devices for work (BYOD).
- Find out if your organization requires mobile device registration. If so, register all devices you bring to work.
- Get connected to your organization’s virtual private network (VPN). This secures data you send and receive from your device.
- Find out if your organization requires you to have the ability to remotely wipe or disable your device if lost or stollen. If so, install or activate this protection.
- Attend any privacy and security awareness trainings that your organization offers.
- Take steps to protect PHI when working from public places like coffee shops or airports. Use your organization’s VPN, encrypt your devices, and use strong passwords.
Taking these steps will help you rest easy knowing you are securing the health information patients entrust to you. By learning about your organization’s existing initiatives, you may also discover apps and tools that save you time and make your job easier.