Protecting the privacy & security of your patient’s health information.

BLOG POST: Mobile Device Management (MDM) for Healthcare

By Maliha Charania, IT Risk Management

While mobile applications are transforming the patient care setting, their use also opens up a Pandora’s box of security management issues. The opportunity for patient information to be compromised increases significantly as sensitive data becomes accessible through these mobile devices in the form of corporate emails and medical applications. Organizations have to adapt quickly when it comes to managing the security, privacy, and compliance of PHI and other data. Mobile Device Management (MDM) is key in securing and managing these information assets.

MDM software allows your organization to secure, manage, and monitor both corporate and employee-owned devices including smartphones and tablets as well as the applications they use. Security controls and functionalities that can be applied through an MDM solution typically include:

  • Access control for email and documents such as Word and Excel files
  • Policy settings for security, encryption, jailbreaking, managed email, cloud, system, application, and devices
  • Windows-supported settings
  • Remote wipe of selected mobile devices

Additionally, application whitelist and blacklist controls are in place to:

  • Allow/block access to mobile applications and application stores
  • Require a password when accessing the application store
  • Block video conferences on mobile

Microsoft offers two such solutions to control mobile devices: MDM capabilities through Office 365, and Microsoft Intune.

Managing Mobile Devices through Office 365

To take advantage of the MDM features in Office 365, go to the Security and Compliance Center in Office 365 and follow the steps to enroll user devices. Most current Android, iOS, and Windows devices are supported. After enrollment, you can create policies for the devices and apply them to different user groups in your company to ensure users only access the resources they need. Non-compliant devices will be blocked until they follow the policy.

Microsoft Intune MDM

Microsoft Intune is another cloud-based tool that can also be used to manage users and their mobile devices, but there are some key differences from MDM in Office 365. Intune requires a paid subscription ranging between $6 and $15 per user.

Intune manages devices through either the Intune Admin Console or Configuration Manager instead of the Security and Compliance Center in Office 365. Intune has the additional ability to manage Mac OS X and Windows PCs (as well as servers). It offers all of MDM’s capabilities plus Mobile Application Management (MAM), which allows for modifying the functionality of apps to align them with your company’s policies. Although MDM through Office 365 is sufficient for most businesses, Intune may be worth the investment if your organization uses those nifty features.


Mobile devices are a powerful tool in freeing medical practitioners to serve patients in more settings. However, the movement of sensitive patient data across mobile and remote networks must be specifically addressed. Finding the right MDM solution will reduce this risk by putting standard controls and procedures in place.