Shared-use mobile devices in healthcare: where identity governance breaks

TL;DR: UK healthcare facilities using shared-use mobile devices report average annual savings of £522,000, but 47% still lack a fully implemented policy and 77% say users share credentials, according to Imprivata’s 2025 State of Shared Mobile Devices in Healthcare Report. The core issue is not device adoption itself, but whether identity, sign-in, and offboarding controls can keep pace with shared clinical workflows.

NHIMG editorial — based on content published by Imprivata: the 2025 State of Shared Mobile Devices in Healthcare Report

By the numbers:

• Nearly half 47% of organisations have not fully implemented a policy for managing shared-use mobile devices.
• Most survey respondents 85% agree that mobile devices are essential clinical tools.

Questions worth separating out

Q: How should healthcare organisations govern shared-use mobile devices safely?

A: Treat shared devices as governed access endpoints, not just shared hardware.

Q: Why do shared mobile devices create identity risk in clinical environments?

A: They create identity risk because multiple people use the same endpoint, so access state can outlive the person who initiated it.

Q: What breaks when shared device policy is only partially implemented?

A: A partial policy allows local workarounds to become normal operating practice.

Practitioner guidance

• Formalise shared-device access handoff Define how one clinical user ends a session before the next user begins, including explicit sign-out, session reset, and clear attribution rules for every shared device.
• Tie device readiness to access eligibility Block shared devices that are uncharged, misconfigured, or out of compliance from being used for patient access until they return to a known-good state.
• Track shared-device policy adoption at the ward level Measure whether policy is actually implemented by location, shift, and device pool so that governance gaps are visible before they become routine workarounds.

What's in the full report

Imprivata's full report covers the operational detail this post intentionally leaves for the source:

• Country-by-country survey breakdowns across the UK, US, Canada, and Australia that show how shared-device adoption differs by healthcare system.
• Detailed clinical workflow findings on lockouts, device availability, and how frontline staff compensate when devices are missing or misconfigured.
• The survey methodology and respondent profile from 125 UK clinical and IT leaders, useful if you need to benchmark your own programme.
• The reported ROI and savings assumptions behind the £522,000 annual estimate for UK healthcare facilities.

👉 Read Imprivata's report on shared-use mobile devices in healthcare →

Shared-use mobile devices in healthcare: where identity governance breaks?

Explore further

View Full Forum →  |  NHI Foundation Course →