While the healthcare sector can greatly benefit from technology, it is important to consider security, especially when dealing with patient information. Providing secure access to information allows field workers to spend more time where they need to be, make better decisions in the moment and improve services to individuals and the community.
A 2014 Ponemon survey discovered that 30 per cent of data breaches were related to a negligent employee or contractor, highlighting the importance of protection against insider threats and human error. Beyond this, unsecured mobile devices or laptops can pose a huge risk if the devices are lost or stolen.
In any scenario where employees use mobile devices for work that hold and access sensitive data, it is important to uphold stringent security on the three main integration points - the device, the content/application layer and the network - and put measures in place to control how employees can access and use data. It is also important to educate employees, making them aware of their obligations and responsibilities in keeping information secure and mitigating risk where possible.
Developing and implementing the right security framework for an organisation is the most important step to ensuring patient information is handled securely, privacy is upheld and organisations have control over how data is accessed, used and stored. It is important, therefore, to adopt an enterprise mobility management (EMM) solution - encompassing the management of devices, applications and content and network - with robust security built-in which in turn provides the flexibility and control IT departments need to ensure information is accessed by devices securely.
This will enable IT departments to identify:
- What mobile devices are accessing data and if they are secure
- Who is using each device
- What applications are on the mobile devices and if they have potential to corrupt the network
The answers to these questions will then enable IT departments to set the appropriate security parameters for sharing, accessing and storing information, based on employees' behaviours and requirements of their job, type of device and operating system. For example, IT departments can block users from taking and sharing a screen shot of a document when they are connected to a network that is deemed unsafe.
Device management solutions also provide organisations with extra layers of security, such as restricting devices so they can only connect via a VPN. Device management solutions also allow IT teams to remotely lock and wipe devices if they are lost or stolen as well as ensure high level data encryption. All of these measures ultimately provide greater flexibility, visibility as well as confidence that the right level of security is being met.
Technology can deliver leaders' top priorities
Sign up for CIO Asia eNewsletters.