Bring Your Own Device (BYOD) to work is all the rage these days.
3 words: Smart Phone, Tablet
Smart phones cracked the BYOD barrier not necessarily as a work device, but as a way for someone to stay more connected to the outside world while at work. As more applications appear, more can be done on a smart phone – Eprocrates seems to be the application I see most at a medical office, but this article covers the top 10 apps a medical student should have.
Tablets have further proliferated the desire to BYOD. Typically not from the “worker bees” as a tablet is not great for data input, but physicians tend to like to bring them to the office.
Finally, the other big push is to bring one’s Mac to the office. The belief that a Mac is easier to use and less susceptible to a virus than a PC drives this push.
There is nothing wrong with BYOD, but before one personal device is allowed on your office network, you better have a clear computer policy in place about how personal devices will be used on the network.
Here are a few things to consider if you allow staff members to use their personal device to access your office network:
- How will you ensure all PHI is secure when this computer/table leaves the office?
- How will you ensure no PHI or business information is on the device if the staff member is let go?
- How will you ensure the device is properly secured?
- How will you ensure the staff member isn’t “playing” on their device while at work?
As you can see, most of the concerns revolve around data security.
If YOU have a breach because of THEIR device…it is still YOUR fault.
Remember, risk reduction is what HIPAA compliance is all about…
Add to that the increased temptation and ease of goofing off on their own computer, and you could really have a headache.