KLAS survey confirms BYOD security concerns

By: Jonah Comstock | Nov 5, 2012        

Tags: | | | | |  |
Methods to Protect Data on Mobile Devices

Source: KLAS

No surprise here: A new report from KLAS Research suggests that health care providers are concerned about security in the increasingly BYOD mobile healthcare environment.

Of the 105 CIOs, IT specialists, and physicians surveyed, 70 percent used mobile devices to access their electronic health records, including customers of nearly every major EHR (Epic, Cerner, GE, Allscripts, Siemens, MEDITECH, and McKesson). The vast majority of organizations, 94 percent, were supporting Apple, with 49 percent and 44 percent supporting Android and Microsoft, respectively.

The supremacy of Apple is reflective of the trend toward BYOD strategies, where physicians use their own devices and IT departments support them. KLAS analyst Erik Westerlind told MobiHealthNews that 86 percent of respondents had some kind BYOD policy, and 31 percent had full BYOD. This is also the source for many of the security concerns, which are more often held by CIOs.

“With the increased use of personal mobile devices in healthcare becoming more prevalent, providers are very concerned about controlling what data is accessed, where it is stored, and how the data can be protected,” Westerlind said in a statement. “In addition, providers say that virtualization, encryption, and mobile device management applications are among the main solutions to combat some of these security concerns.”

Virtualization refers to software that lets doctors access and view patient information on their mobile devices, but keeps data from actually being stored there. Encryption locks patient data so it can’t be viewed or accessed without a password, and MDM software are usually system-level solutions that increase the security of communication between devices. For instance, if a device is lost or stolen, an MDM can remotely wipe it of sensitive data. The report showed 52 percent of providers using virtualization, 46 percent using encryption, and 35 percent using mobile device management.

Physicians interviewed also had some functionality concerns about their mobile devices, which they said worked well for data display but generally had problems supporting data input. Some were also concerned that their devices’ small screens were keeping crucial information from being displayed. On a 1-5 scale for usability, no respondent gave their mobile devices higher than a four.

Westerlind predicts that as mobile adoption increases, companies will move from virtualization, which can be limiting, to MDM and cloud-based solutions, allowing physicians to take full advantage of their devices’ capabilities.