Smartphones to Access to Patient Data in Hospital Settings: Authentication Solutions for Shared Devices.

Although mobile devices become more and more common in clinicians' hands, transforming them into an institutional tool to access electronic health record information at the patient's bedside still raises many questions. One of these questions is the provenance of mobile devices when these are deployed at an institutional level. Some advocate the use of personal devices, known as BYOD, for its lower cost, others favor the use of institutional devices which allow a standardization of the development, deployment and support processes. The financial disadvantage of institutional devices could be reduced by sharing devices between several care-providers. The problem with this solution is the authentication management. Indeed, smartphones are defined for individual use and do not efficiently manage multiple identities on a single device. In this article we present the outcome of a Delphi study aiming at identifying an authentication strategy that combines security and acceptable usability in order to share a pool of devices in a medical ward.