Not so long ago, personal digital assistant devices-Blackberries and Palms-started coming into hospitals and physician practices. And the devices weren't being used just for personal information, but professional as well.

Skip to late 2010, just a little more than two years ago, when mature smartphones and early iPads and other small tablet devices really started to explode in popularity and functionality. As the mobile market grew, the devices quickly became status symbols, particularly in the physician community, says Ojas Rege, vice president of strategy at mobile security vendor MobileIron, Mountain View, Calif. Health care organizations had a variety of devices coming into their facilities. Security risks ensued. It wasn't clear how they could control data access and security on the devices.

The health care industry is far more open than other industries, with far more "free agents," since physicians often have privileges at multiple hospitals. Consequently, a physician may have a smartphone accessing apps and data from more than one hospital and also have personal data on the device.

Further, physicians may want certain functionality. They may buy an app that offers the functionality or contract with a local developer to build it-and not tell the hospital. Having security built into apps is critical to health care organizations, but not to developers. For instance, it wasn't until quite recently that native encryption came with Android devices. Another consideration: When developers are writing an app for an iPhone or iPad, there is an API, or application programming interface, for a second level of encryption. But if developers aren't told to use the second level, they won't, Rege contends. They are focused on the platform, not application security. Consequently, whether an app is bought from a local or national shop, a developer is a contractor. After the purchase, the developer has disappeared, leaving the unknown, potentially unsecure app in place at the hospital. As a result, policy and design rules on how apps are built and what organizational data should be in a device have become necessary.

These factors set the stage for mobile device management software. It gives organizations centralized control over what I.T. devices are coming onto their premises and what those devices can and cannot do. MDM started with basic tools-enforcing passwords and encryption, and wiping data from lost devices. It has evolved to a centralized management platform across an enterprise, Rege says. "The device, user and app will change, but it's all about the data."

A feature story in the February issue of Health Data Management explores how mobile device management is becoming one of the answers to controlling the BYOD rage.

Register or login for access to this item and much more

All Health Data Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access