Notifications
Clear all
Topic starter
25/06/2026 2:58 pm
TL;DR: Mobile devices are now viewed as essential by 92% of healthcare leaders, with 99% expecting shared-device use to rise and 79% reporting credential sharing on those devices, according to Imprivata’s 2025 report. Shared mobility succeeds only when access, accountability, and workflow design are treated as one programme.
NHIMG editorial — based on content published by Imprivata: The 2025 state of shared mobile devices in healthcare report
By the numbers:
- 92% of healthcare leaders say mobile devices are essential tools in care facilities.
- 99% expect the use of shared mobile devices to increase over the next two years.
- 79% of employees share credentials, undermining identity security.
Questions worth separating out
A: Treat shared mobile as a governed identity workflow, not a convenience pool.
Q: Why do shared devices often improve care but still create security risk?
A: Shared devices reduce friction and speed access, but they also compress the trust model.
Q: What do security teams get wrong about shared-device programmes?
A: They often focus on the hardware lifecycle and ignore the identity lifecycle.
Practitioner guidance
- Make device handoff an identity-controlled workflow Use badge-tap or equivalent authentication tied to automated checkout and check-in so every handoff produces an auditable user-to-device mapping.
- Eliminate shared credentials on pooled devices Assign access to named users and force session closure after clinical use, even when the same device will be reused by another clinician.
- Track device status centrally in real time Maintain live visibility into device location, sign-in state, battery, and assignment so support teams can intervene before clinicians fall back to personal devices.
What's in the full report
Imprivata's full report covers the operational detail this post intentionally leaves for the source:
- Benchmark results on access issues, device assignment delays, and user workarounds across healthcare organisations.
- Breakdowns of how shared-device policies affect burnout, patient flow, and support burden in practice.
- The report's quantified ROI comparisons between fully implemented shared-device programmes and less mature deployments.
- Specific examples of frictionless access patterns such as tap-and-go authentication and automated checkout/check-in workflows.
👉 Read Imprivata's report on shared mobile devices in healthcare →
Shared mobile devices in healthcare: what IAM teams are missing?
Explore further
25/06/2026 4:15 pm
Shared mobile devices have become an identity governance problem, not just an endpoint problem. The report shows that clinical mobility now depends on how fast and accurately organisations can bind a user, a device, and a session together. When that binding is weak, the programme loses both accountability and control over PHI access. The practitioner conclusion is that shared-device governance belongs inside IAM and workflow policy, not only in mobile device management.
A few things that frame the scale:
- Organisations maintain an average of 6 distinct secrets manager instances, creating fragmentation that undermines centralised control, according to The State of Secrets in AppSec.
- 43% of security professionals are concerned about AI systems learning and reproducing sensitive information patterns from codebases.
A question worth separating out:
Q: Who is accountable when a shared mobile device exposes patient data?
A: Accountability should be shared across the operational owner of the device programme, the IAM or identity governance team, and the clinical manager responsible for local process compliance. If access is not attributable to a named user and a specific handoff, incident response becomes slower and disciplinary review becomes unreliable.
👉 Read our full editorial: Shared mobile devices are reshaping clinical identity governance
