While data security is a top priority for IT professionals in every industry, this is especially true for those supporting healthcare organizations. Besides the fact that healthcare is one of the most highly regulated industries requiring stringent security and privacy safeguards, data thieves are becoming increasingly sophisticated in their efforts to infiltrate data centers run by healthcare organizations. Several recent and notable breaches have shown just how effective cyber criminals are at gaining access and how vulnerable current healthcare security solutions really are.
Protected health information has more value on the black market than credit card numbers alone because it can be used by identity thieves to obtain pharmaceuticals and medical care. In addition, health organizations are vulnerable targets because they are often slower to adopt the latest security measures, such as keeping personal information in separate databases that could be inaccessible in the event of an attack.
What’s the prevailing reason why the healthcare industry is slow to adopt the cloud? Fear. According to a recent HIMSS survey, security concerns are cited as the top reason healthcare organizations don’t currently use cloud services (62%), as well as why some don’t plan on using cloud solutions in the future (44%).
Healthcare IT professionals agree that healthcare security was the top reason cited (58%) for healthcare organizations not yet adopting the cloud, according to a recent Spiceworks survey.
But the truth is, healthcare organizations—already resource-constrained—need to be continuously investing in advanced security measures to protect their PHI. Those that don’t, may pay an even steeper price.
From the physical security of on-site servers and individual devices to the virtual security of private patient data, healthcare IT professionals have a lot to think about. They need to know they can leverage all the benefits of the cloud—securely. The key? Choosing the right cloud solution to manage even the most stringent security regulations—one that also provides IT pros with peace of mind.
The traditional approach to healthcare security and healthcare computing is in-house and on-site. Software applications run on an infrastructure built and maintained by the organization. Larger organizations may have data centers to centrally manage and store sensitive data, while smaller organizations may have servers in their local offices. In the traditional model, the data stays with the organization, and IT professionals have complete control over the data and its security. When a healthcare organization uses the cloud, healthcare IT professionals must trust sensitive data to the cloud provider and its resources. They lose direct control over the data. This may seem like it would increase healthcare security risks… but in truth, there are huge security benefits in a cloud-based computing model.
Some healthcare organizations are already using the cloud for certain functions. More than half host clinical applications and data in the cloud today and nearly 47% use cloud solutions for health information exchange. And about 42% host human resources applications and data in the cloud, and use the cloud for backup and disaster recovery.
Even more expect to use cloud services more in the future. By 2020, 80% of healthcare data will “…pass through the cloud at some point in its lifetime, as providers seek to leverage cloud-based technologies and infrastructure for data collection, aggregation, analytics and decision-making,” according to IDC.
According to the HIMSS survey, over 40% of healthcare organizations plan to use cloud services in the future to host archived data. Nearly 32% plan to use the cloud to host operational applications and data, and 31% plan to use cloud solutions for backups and disaster recovery.
One reason healthcare IT professionals are moving toward the cloud is the cost; cloud solutions are lower cost than maintaining current IT maintenance costs. This is why, according to a recent Spiceworks survey, 49% of healthcare organizations are adopting or considering cloud services.
Forty-six percent are doing so due to the need for an on-demand, scalable, always-on solution, and almost 40% expect more robust disaster recovery.
Today, a whopping 53% of healthcare employees use three or more devices for work. Mobile device security is becoming more and more critical, and the mobile security tools IT pros have in the cloud are becoming more important. As if that weren’t serious enough, more security breaches actually occur from employees losing their devices than from hacks. In fact, 68% of all healthcare data breaches since 2010 were due to device theft or loss.