Is anyone dealing with an O365 rollout in an organization that has the above mentioned restrictions? If so, are you requiring MDM enrollment on any device that wishes to use the native O365 apps like Outlook? If so, has your organization chosen an MDM other than the one that you are using to manage your devices? This is the current situation that I'm in with my organization. I'm using JAMF to manage devices but the organization is using a very stripped down version of InTune to make sure all devices that use Outlook are enrolled in that MDM and have several security policies in place(such as device pin, device wipe, and app data removal). Since there's no way for them to guarantee that devices managed with another MDM are fully compliant, they're requiring that the other MDM be removed in favor of the InTune MDM or that device must use the OWA or use IMAP instead. This will potentially make it impossible for me to manage the devices that fall under my support since I won't be able to use an MDM that i can control. I'm just trying to figure out how other organizations are handling this situation.
My company dosent have those restrictions, but im kinda surprised O365 is available to use for a company that needs HIPPA compliance. My best suggestion is contact your Jamf "Buddy" i think is the term there using this week. And chat with them about it im sure they have someone who is in the same situation as you.
They must be using Intune MAM Policies that get pushed to the Office app when staff sign in to the apps on iOS devices. InTune MDM is not required to push the MAM polices to the devices managed by JAMF MDM.
As far as I know, they would have no way of knowing if the devices managed by JAMF are enforcing the HIPAA compliance. There needs to be a mechanism in place that certifies that the JAMF managed devices are, in fact, in compliance.
Glad to talk to you about what we are doing at our organization after weeks of meetings with Microsoft, MDM providers and Document Collaboration vendors. email me at firstname.lastname@example.org or call me at 202 370 0618. Luis