Disaster prevention: Keeping healthcare safe in the cloud

By Kurt Hagerman
November 14, 2013
08:23 AM

Say outage to a retail company’s IT department and they’ll probably talk about lost revenue, salvaging a brand’s reputation and restoring consumer trust. Say breach to an e-Commerce IT department and you might hear talk about avoiding a PCI fine. But if you discuss either of those terms with healthcare IT staff, you’ll probably hear about a very different concern – saving lives.

Obviously disasters, outages and breaches are damaging for every organization. But healthcare cloud security goes beyond protecting sensitive personal information to ensuring the availability of critical medical data that can be the difference between life or death. Think of a consultant who suffers an accident or heart attack while traveling and becomes unresponsive. The accessibility of his medical history could help hospital staff save his life. While that may seem like an extreme example, an outage can have disastrous effects on all patient care. A lack of test results or allergy information, patient identity mix-ups or conflicting medications, can all have deadly consequences.

This means that while high performance is mandatory for all healthcare clouds, disaster preparedness is even more crucial. Meeting HIPAA compliance standards and FDA regulations are only one aspect of cloud security for healthcare providers.  Critical systems must be kept running and available even in the event of a large-scale failure. And given that major brands like Amazon, Microsoft and Google have experienced outages this year, it’s obvious that every organization can benefit from making sure their business continuity and disaster recovery (BCDR) plans are up to snuff.

The good news: the cloud’s virtualized infrastructure can actually assist you in maintaining uptime and reliability. It’s just a matter of following three steps.

Assess Your Risk

Risk assessments are a mandatory part of protecting electronic health information, yet a 2012 Office of Civil Rights audit found many healthcare organizations and their vendors fail to perform them. If you’re not regularly conducting these evaluations, start by considering possible threats to your information systems. Don’t stop with intentionally malicious human attacks; also include natural disasters like floods or earthquakes or power outages.

After assessing the likelihood of an actual threat occurrence and the plausible impact it would have on your cloud environment, take any corrective actions necessary.  Be thorough in your assessment, and analyze all security policies and architectural vulnerabilities relating to storage and backup, encryption use and data authentication and transmission. All of this can go a long way toward preventing a disruption in services.

Want to get more stories like this one? Get daily news updates from Healthcare IT News.
Your subscription has been saved.
Something went wrong. Please try again.

Top Story

Former Georgia Rep. Doug Collins
Trump taps former Rep. Doug Collins to head VA

Most Read

Epic and Oracle Health sign on to Veteran Interoperability Pledge
Vendor Notebook: New cybersecurity and EHR performance upgrades 
Texas AG settles with clinical genAI company
Meridian, Mae partner to boost maternal outcomes, lower disparities
Choosing a managed IT service for aged care
The future of interoperability: shaped by patient experience priorities and the needs of AI

Research

White Papers

More Whitepapers

Patient Engagement
Patient Engagement
Financial/Revenue Cycle Management

Webinars

More Webinars

Imaging
Interoperability
Artificial Intelligence

More Stories

HIT professional reviews information on a laptop outside a server room
ASPR seeks feedback on public health orgs' cybersecurity needs
Gabriel Jones of Proprio on AI
Artificial intelligence is enabling big advances in surgery
Pharmacist sorting pills
Deploy RFID technologies to streamline controlled substance management
Healthcare workers in a meeting
Prioritizing cost management at U.S. healthcare systems: Keys to better margins
Healthcare worker looking at medical record on tablet with patient in background
Protect your IoMT devices against evolving cyberattacks
Jill Brewer at HIMSS_Healthcare Cybersecurity Forum 2024
What's the weakest link in organizational cybersecurity? Not what you might think
Richard Staynings at the University of Denver_Healthcare Cybersecurity Forum 2024
The challenges of safeguarding healthcare's 'data ocean'
Avihai Sodri of Antidote Health on telemedicine
How virtual-first can improve outcomes and make care more affordable