If 3 out of 4 dentists like a particular brand of toothpaste, then you can rest assured that 4 out of 4 doctors would like to be able to utilize their personal devices on a hospital wireless network. Mainly for security reasons, healthcare facilities have shied away from allowing a Bring Your Own Device (BYOD) policy to be drafted, much less implemented.
When hospital IT staff and risk management finally agree that BYOD will be allowed at a facility, it’s important to have a BYOD policy in place before staff members carry in their personal wireless devices.
Here are the Top 10 items to include in any first-time or revised BYOD policy at healthcare facilities.
1. Note all applications to be utilized as “Mission Critical” on the hospital wireless network.
First thing policy-makers need to be aware of is which applications will be listed as “Mission Critical? In other words, here is a list of applications we must have and must be running for us to complete our tasks which allow for proper workflow at all levels.
2. Review application security challenges with IT Department.
Your IT Staff needs to have a big role in the implementation of any BYOD policy, so make sure to consult with them on any applications that could be on wireless networks and make sure the policy that is implemented can prevent any of those applications from running on devices.
3. BYOD means iPads, Chromebooks, Androids and more so review the devices that will be authorized to access the wireless network.
There has been concern about how Apple’s wireless products integrate (or do not) with Windows-based PC’s and laptops that could be a large part of the wireless network. SecurEdge Networks has actually run tests on wireless networks to determine that about 90% of the wireless devices on the networks were iOS (Apple) devices. Some interviews suggest 57% of IT Management feel that Apple devices will keep them up at night under a BYOD policy. On the flip side of that, 74% of IT Leaders think that employees will become more productive under a BYOD program.
4. BYOD Policy must be crystal clear to employees and administrators at every level.
5. BYOD Policy should match capabilities of wireless network solution.
Don’t write a policy that can not be implemented based on the current antiquated technology in your wired closest. If you see something like “role-based access control” is a part of your current solution, then that is a much better starting point than if your current infrastructure only allows devices that communicate on 2.4ghz (a healthcare setting is a challenging environment for wireless access).
6. BYOD Policy implementation should include input from staff representative.
The BYOD policy and procedures you spent all that time discussing, voting on, writing and implementing doesn’t really mean a whole heck of a lot if the staff that will be utilizing their own devices don’t have a say in what they are permitted to utilize. Fire sharing? Forget it, but having them involved in the policy creation is a good way to allow at least one representative to speak for (and report back to) the staff.
7. Spend time writing BYOD Policy that is realistic.
When it comes to wireless technology and devices, especially in the healthcare environment, the devices and access solutions being utilized today will likely change in the next 3 years. Administrators that write BYOD Policies don’t often have a crystal ball, but be sure to write with words that give you an “out” if the new policy becomes warped or cracked in short order.
8. Mobile device management is tricky to include in BYOD Policy.
We are on the frontier of some pretty exciting technological changes that will (and already “do”) allow for control of employee devices. This is also known as Mobile Device Management. But, this is where the waters get murky (and the lawyers pockets seem to get bigger). Wording is tricky in a paper document, especially when it was most likely written on a piece of technology that didn’t exist 50 years ago. So, be careful in how you even define the term mobile device management because some vendors have different solutions that manage mobile devices. They just may not be managed the way you had in mind.
9. When writing BYOD Policy, make sure that wireless access solution is scalable to your number of staff.
Some estimates put wireless devices at 2 per person, but that’s just at the K-12 level. Higher education is looking at 4-5 wireless devices per student. So, in the corporate environment it may be a bit easier to sneak your XBox in the back door, but in a healthcare environment, a reasonable expectation is most likely 2 devices per person. If you have hundreds of employees, double the number of devices and plan for wireless access solutions that can handle those mission critical functions on the network.
10. BYOD Policy should be fine-tuned to your facility.
There is no “one-size-fits-all” when it comes to BYOD Policy. Each location has different environmental factors that should be taken into consideration since each can influence how your staff respond to your new BYOD Policy.
I know creating a BYOD policy may seem a little daunting, especially in a healthcare facility, but, BYOD is becoming essential in many industries including healthcare. As our world becomes more and more mobile, so will the acceleration of the proliferation of BYOD. BYOD in healthcare is the inevitable future. If your facility is considering implementing a BYOD program on your hospital wireless network, contact us here for a free BYOD Readiness Consultation We have worked with hospitals large and small to facilitate a secure and successful BYOD program. Good luck!