Many organizations are currently struggling with Bring Your Own Device (BYOD) policies and procedures. The reasons for these struggles are varied. IT departments are often underfunded and may not have the internal technical expertise to handle the numerous devices on the market. Similarly, internal legal and compliance departments may not fully grasp the technological challenges and resulting legal implications raised by BYOD.

Mobile devices are not like other technology - the reason for this is in the name: these devices are "mobile." So, they're easily lost and stolen. According to a July 2012 survey published by Credant Technologies, a data protection solutions provider (acquired by Dell in December 2012), airport travelers "left behind 8,016 mobile devices at seven of the largest airports in the country, including: Chicago O’Hare, Denver International, San Francisco International, Charlotte Douglas, Miami International, Orlando International and Minneapolis/St. Paul." The following types of mobile devices were left behind:
  • Smartphones and tablets: 3,444 (43.0%)
  • Laptops: 3,576 (44.6%)
  • USB drives: 996 (12.4%)

This is particularly problematic for companies, because in February 2012, Javelin Research found that 62 percent of smartphone users do not employ a password on their mobile devices.

What are the legal risks and concerns with BYOD?

There are a number of legal risks and concerns with using a Bring Your Own Device model. These concerns include:

  • Compliance
    • Certain industries, such as healthcare, finance, and insurance, are highly regulated. Healthcare companies using BYOD must be particularly careful because of the special regulatory risks and challenges raised by HIPAA and state data privacy and security laws.
    • Many companies have internal controls to protect confidential information. As the Credant Technologies research illustrates, mobile devices of all types are easily lost. As a result, compliance with internal controls to protect confidential information may be problematic.

  • Breach Notification laws
    • Almost every state has a breach notification law, and healthcare organizations must also comply with HIPAA/HITECH (and certain other companies must comply with FTC requirements). When a mobile device is lost, companies must ascertain what was on the device and who must be notified. These risks can be mitigated with encryption.
  • Data Destruction and Disposal laws
    • Many states (at least 29 as of October 2013) have laws in place requiring that businesses destroy, dispose of, or otherwise make personal information unreadable or undecipherable. These laws often address both paper records and digital devices. Nevada, for example, requires that businesses who "[t]ransfer any personal information through an electronic, nonvoice transmission other than a facsimile to a person outside of the secure system of the [business]" must first "use[] encryption to ensure the security of electronic transmission." NRS 603A.215.
  • Litigation Holds – Where is your data?
    • A company that is reasonably anticipating litigation is required to preserve all forms of relevant information. Preserving data may be problematic when companies are in a BYOD environment.
  • Wage and Hour laws
    • Wage and hour laws are implicated when hourly employees are working what would be considered "overtime." On the one hand, companies want their employees to work whenever and wherever it is most convenient for the employee. On the other hand, failing to comply with wage and hour laws can be very costly.
  • Malpractice issues for doctors
    • Healthcare providers also have special malpractice risks with mobile devices. Doctors, nurses, and others using mobile devices can easily become distracted by texting, social media, and other apps available on mobile devices. This distraction can lead to a medical error because the doctor or nurse can forget to do a specific task or forget to acknowledge that the task has been completed. In a 2011 article, the New York Times gave a real-life example:
Scott J. Eldredge, a medical malpractice lawyer in Denver, recently represented a patient who was left partly paralyzed after surgery. The neurosurgeon was distracted during the operation, using a wireless headset to talk on his cellphone, Mr. Eldredge said.

“He was making personal calls,” Mr. Eldredge said, at least 10 of them to family and business associates, according to phone records. His client’s case was settled before a lawsuit was filed so there are no court records, like the name of the patient, doctor or hospital involved. Mr. Eldredge, citing the agreement, declined to provide further details.

Resources and Sources: