handling patient privacy on shared ipadsSolved

Wiping them daily would be an absolute nightmare. You just need to set them up using the Shared iPad feature through Apple Business Manager and your Hexnode portal. 

When you configure an iPad as shared, Apple actually carves up the hard drive into separate, encrypted storage partitions. Your nurses will just log in using their own Managed Apple Account. When a nurse finishes their shift and signs out, their entire workspace is locked up tight in their partition. When the next person signs in, they get a completely clean slate. There is zero data bleeding between the users, which is exactly what you want for clinical compliance. 

Okay that sounds perfect for the full time staff. But what about our float nurses? We have temporary staff who just cover a shift here and there. I really do not want to create and manage Apple accounts for people who work one day a month. Can they use these tablets securely without a permanent account?

Oh yeah, you are totally covered there too. Shared iPads actually have a guest mode built right in called Temporary Sessions. 

Your float nurses can just tap the Guest option on the login screen, do their shift, and access whatever web apps they need. The best part is that the second they sign out, Apple immediately nukes all the local data, files, and caches generated during that session. It leaves no trace. Just check your Hexnode restriction policies to make sure you have not accidentally blocked Temporary Sessions. As long as the restriction is not applied, the guest option will show up by default and keep things perfectly secure.