While conducting research for the long overdue and nearly completed report on Personal Health Clouds (Dossia, Google Health and HealthVault) came across a recently published report by the European Network and Information Security Agency (ENISA) addressing cloud computing security. Though quite long (over 120 pages) the report provides a very comprehensive overview of cloud computing, its benefits, risks and some very good risk assessment tools to assist one in evaluating a cloud solution offering including segmentation by SaaS, IaaS and PaaS.
With the rapid migration to the “cloud computing” paradigm in the healthcare sector, be it personal health clouds, HIE vendors transitioning to PaaS vendors (note: Medicity made their own PaaS announcement yesterday – more to follow in near future), EMR vendors offering hosted solutions, to move to manage and store images in the cloud, and various niche vendors such as Medcommons, who uses Amazon to host its service, a report such as this is quite valuable and instructive both for potential users of cloud services as well as those offering them.
If you have even a remote interest in this subject, trust me, just get the report as it is one of the best I’ve come across to date.
John Moore blogs regularly at Chilmark Research.