tag:blogger.com,1999:blog-4384692836709903146.post3340600126796237022..comments2024-03-27T09:55:23.143-07:00Comments on Dispatch from the Digital Health Frontier: Bring Your Own DeviceJohn Halamkahttp://www.blogger.com/profile/04550236129132159307noreply@blogger.comBlogger4125tag:blogger.com,1999:blog-4384692836709903146.post-13781538321800051912011-10-26T15:50:36.553-07:002011-10-26T15:50:36.553-07:00While the security aspects of BYOD get the headlin...While the security aspects of BYOD get the headlines, legal issues should also get attention. A user's personal device which holds PHI or other sensitive data may be the object of discovery in litigation -- and may be impounded. Users should be asked how they would react to the potential for indefinite loss of their device before allowing them to access sensitive data or systems.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-4384692836709903146.post-52989358600388160932011-10-04T18:03:26.505-07:002011-10-04T18:03:26.505-07:00We have over 1000 iPads and 1600 iPhones which con...We have over 1000 iPads and 1600 iPhones which connect to the BIDMC network on a daily basis. We require encryption/password protection by policy at this point.John Halamkahttps://www.blogger.com/profile/04550236129132159307noreply@blogger.comtag:blogger.com,1999:blog-4384692836709903146.post-4825077638262032282011-10-04T17:53:17.299-07:002011-10-04T17:53:17.299-07:00So... BYOD is ok in your hospitals? I wasn't ...So... BYOD is ok in your hospitals? I wasn't sure based on your posting.<br /><br />I think your exactly right, BYOD is a very slippery slope. However, most hospitals are getting incredible pressure from physicians to allow it. Security seems to either be the rock to hind behind or the stone to throw...<br /><br />Unfortunately, BYOD will only get the necessary attention once a breach occurs and by then... it's too late.Jonathan Merrillhttps://www.blogger.com/profile/15552513848372149904noreply@blogger.comtag:blogger.com,1999:blog-4384692836709903146.post-27042864341725980862011-10-03T06:35:58.202-07:002011-10-03T06:35:58.202-07:00Hm. I was hoping for a picture of Ms. Klum.
I ran...Hm. I was hoping for a picture of Ms. Klum.<br /><br />I ran the IT at an e-discovery company for years. We handled stuff that needed to be very secure (and often had regulatory policy to comply with).<br /><br />My policy was this: computers that handled our "secure" data were very locked down -- even at the physical level and network level. Very controlled access policies. We then allowed any user to bring in any wi-fi enabled device to access the Internet in a totally unrestricted manner (though there were certain verbally encouraged security policies with those devices).<br /><br />We kept our "secure" data separate from our "not-secure" data. <br /><br />This worked out great for us and there were few complaints. <br /><br />We also provided a "build your own insecure device" in an insecure cloud that people could RDP or VNC to if they wanted to use their locked-down workstation to access insecure stuff.David Bernickhttp://www.cambridgecomputer.comnoreply@blogger.com