The healthcare industry – as with other sectors throughout the economy – is coping with a surge in newly remote workers. Unaccustomed to working from home for extended periods, these employees need easy-to-use tools that allow for quick onboarding and provide the security protections necessary for the industry.
Let’s explore the topic of remote healthcare security in a COVID-19 environment.
The Surge in Remote Workers
While many of the healthcare workplace discussions around COVID-19 have focused on front-line healthcare workers, most healthcare enterprises also employ large numbers of employees that work in areas such as administration, information technology, patient accounting, and finance.
Outside of direct healthcare providers, there are insurance companies, revenue cycle management firms, and other support organizations that provide critical infrastructure enabling front-line employees to focus on patient care.
Although some employees worked remotely before the pandemic, onsite work was the norm. The workplace environment has changed. While specific stay-at-home orders will expire at some point, organizations will continue to require the infrastructure to migrate to a remote workforce on short notice and for the foreseeable future.
Many healthcare organizations have multiple facilities, subsidiaries, and large workforces. It is not feasible to simply send employees home and ask them to work remotely. Many network and communication resources are required. In some cases, these resources are used more extensively when staff works remotely – and the organization’s information technology infrastructure must accommodate the additional load.
If an organization relies on VPNs to connect employees to corporate resources such as network storage locations, IT must ensure that sufficient licenses and bandwidth exist to support this connectivity. Additionally, organizations that rely on remote desktops, like a VDI or virtual desktop infrastructure, must ensure that sufficient bandwidth and licensing capacity exists to support the surge in remote users.
Increasingly, employees use their own mobile devices to be more productive as companies increasingly adopt bring-your-own-device (BYOD) policies. Without access to a corporate phone, employees will be even more dependent on their personal devices and communication applications. This new normal creates organizational security and compliance challenges.
There is the risk – that for the sake of convenience – employees will provide customers with their personal cell phone numbers and begin using unapproved communication applications such as WhatsApp or Skype to conduct company business.
The use of such tools creates compliance and security concerns for healthcare organizations. If employee accounts are compromised, there may be an intellectual property leak. There is also the risk that an employee share protected health information (PHI) through such tools.
Combining Virtual and BYOD
There is likely no alternative to BYOD for most organizations. Employees are likely to reject using two devices (one personal and one corporate-issued). Additionally, assuring compliance with such policies is resource-intensive for organizations. Providing corporate-issued devices is also costly and administratively complex for organizations.
The best solution for many healthcare organizations combine what has proven effective in the desktop space, VDI, with a commitment to a BYOD framework. Hypori Virtual Mobility is such a solution. It allows organizations to control what employees can access via a mobile device, enables them to use their personal devices, and leaves no footprint on the local device. Regulatory intensive industries such as healthcare can use such an infrastructure to ensure that employees access what they need while working remotely balancing security and compliance with employee convenience.
The COVID-19 response will change how healthcare organizations think about their workforce with the top priority ensuring that front-line clinical workers can effectively provide care in an emergency.
Organizations, however, will also need to examine how to ensure that non-clinical staff can effectively work to ensure long-term organization viability. Remote working environments, even if only for short periods, will have to be considered. The increasing prevalence of BYOD policies can be combined with a virtual mobile infrastructure to ensure continuity of operations, compliance, security, and employee satisfaction.