I work at a middle sized hospital, and we are starting to embrace BYOD, but more because the doctors are demanding that they be able to use their smartphones and iPads to send patient info quickly by text message and email.
The problem is that HIPAA laws in the USA means that sending patient info by text to a phone can really open up the doctor and hospital up to legal action.
So as part of any BYOD solution, we need to look deeply at the security aspect, and research all the options. I looked at some good large enterprise BYOD solutions out there like Centrify and Enterproid, but they are expensive, invasive, hard to deploye and for larger organizations.
For smaller organizations, I really didn’t find much in the way of solutions. It is then that I saw that for many companies, they are going think about breaking down the BYOD implementation into smaller components. This may means using several smaller apps/software systems to add security and management functions to your BYOD network.
We did this, by having an app (Tigertext) installed on all the BYOD devices. Tigertext deletes the text messages sent/revived on the phone after a period of time. If a doctor loses his phone, the texts are deleted and HIPAA compliance is met.
Next we need something like this for emails.
This is how we are approaching BYOD policy, finding small apps that we can afford that add some specific level of security and control to the BYOD implementation.
Look to hear your feedback on this approach to BYOD.