Be a Detective
When it comes to breaches, it’s an ugly truth that many stay undetected for months, giving hackers ample opportunity to penetrate systems and collect data. It doesn’t help that cybercriminals are unpredictable, striking through a variety of methods like malware, stolen credentials, or misused privileges. For this reason, a strong detection system is critical to cut attacks off at the knees before they accelerate from bad to catastrophic.
The best way to do this: set up alerts for anomalies like brute force attempts, abnormal web application requests or suspicious increases in traffic. Proactive monitoring, scanning and remediation can build a stronger security wall, along with automatic security countermeasures that stop further attacks while engineers investigate the alert. Third-party security data on malicious domains, advanced persistent threats or similar concerns can also be helpful in shaping your security model. Another smart technique: collecting and trending data at a macro level so that your data patterns can highlight any breaches.
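As an added illustration (not code from the original article), here is a minimal sketch of two of the alerts described above: repeated failed logins from one source inside a short window, and a traffic count that jumps well above its recent trend. The function names, thresholds and sample data are assumptions constructed for this example.

```python
from collections import defaultdict, deque
from statistics import mean

def brute_force_sources(events, max_failures=5, window=60):
    """Return source IPs with >= max_failures failed logins inside any `window` seconds."""
    recent = defaultdict(deque)  # ip -> timestamps of failures still inside the window
    flagged = set()
    for ts, ip, ok in sorted(events):
        if ok:
            continue  # only failed attempts count toward the threshold
        q = recent[ip]
        q.append(ts)
        while q and ts - q[0] > window:
            q.popleft()  # drop failures that have aged out of the window
        if len(q) >= max_failures:
            flagged.add(ip)
    return flagged

def traffic_spikes(counts, baseline_len=5, factor=3.0):
    """Return indices whose count exceeds factor x the mean of the preceding baseline_len intervals."""
    spikes = []
    for i in range(baseline_len, len(counts)):
        baseline = mean(counts[i - baseline_len:i])
        # A zero baseline gives no trend to compare against, so skip it.
        if baseline > 0 and counts[i] > factor * baseline:
            spikes.append(i)
    return spikes

# Constructed sample data: (unix-style timestamp in seconds, source IP, login succeeded?)
SAMPLE_EVENTS = (
    [(t, "203.0.113.7", False) for t in range(0, 60, 10)]  # 6 failures in 50 s
    + [(0, "198.51.100.4", False), (300, "198.51.100.4", False),
       (310, "198.51.100.4", True)]                        # a user who mistyped twice
)
# Constructed sample data: web requests per minute.
SAMPLE_REQUESTS_PER_MIN = [120, 130, 110, 125, 115, 118, 640, 122]

if __name__ == "__main__":
    print("brute-force sources:", brute_force_sources(SAMPLE_EVENTS))
    print("traffic spike at minute index:", traffic_spikes(SAMPLE_REQUESTS_PER_MIN))
```

In practice the thresholds would be tuned against your own baseline so that ordinary mistyped passwords and routine traffic peaks do not page an engineer.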
Protect Business Continuity
Maintaining uptime is the heart of any healthcare disaster prevention plan. Whether your organization suffers an external incident or an internal crisis, your cloud infrastructure must be configured to ensure continuity and keep healthcare data accessible while keeping other personal information like insurance or identification data private.
Assess your organization’s tolerance for downtime (recovery time objective, or RTO) and data loss (recovery point objective, or RPO) and ensure that your BCDR plan is built to meet these requirements.
There are many ways to insure against disaster, ranging from bare-bones data replication to a warm failover site to fully redundant, load-balanced sites. You need to balance your RTO and RPO against the costs associated with the various options to find the optimal solution for your organization. For systems handling the most critical healthcare information, maximum failure resiliency is a must to keep the system and data available. This requires two or more geographically dispersed production environments, with as near to real-time data replication as can be achieved. DNS Traffic Management or Advanced Traffic Management platforms can provide the necessary load balancing capabilities while preventing a failed environment from serving traffic.
A final word on disaster prevention: don’t forget to include any vendors who are working with protected health information in your plan. Just as you would check on their compliance efforts and cloud performance, make sure your vendor has created a BCDR plan that will keep your systems available and reliable. Preparation and foresight are at the core of all valuable disaster prevention strategies – and laying careful groundwork now will safeguard your cloud as well as your patients’ lives.