How To Reduce Risks In Cloud Computing

How To Reduce Risks In Cloud Computing

Healthcare IT News survey results released recently show that 48% of respondents plan to include cloud computing in their IT projects, while 33% have already done so. However, the survey also found that 19% of respondents had no plans at all regarding cloud computing. The co-founder and president of ID Experts, Rick Kam, has a reason for this: security. The 19% of total respondents fear that cloud computing is not secure enough for their data.

For health care institutions, entities, and providers in particular, it is data security that is of utmost importance, because these organizations must protect health information. Under the Health Insurance Portability and Accountability Act as well as Federal HITECH, health care organizations are responsible for the protection of health information in the cloud.

However, all is not lost for these health care organizations, because it is possible to reduce the risks associated with cloud computing as follows:

  • When tapping the services of a cloud computing provider, a health care entity must fully review the terms and conditions of the Service Level Agreement so that the entity’s risks and liabilities are fully understood. As such, the health care entity must accept that such risks must be fully absorbed by the organization.
  • Once operational, the health care organization must limit access to the cloud computing system. However, small health care entities may have to make do with whatever cloud computing service they can afford. These entities may not be able to limit access; their data and applications may be hosted in the public cloud because it is a lot cheaper than a private cloud.
  • Before signing on the dotted line, the cloud computing applications must be researched fully, because there are federal laws which limit access to protect health information to the very minimum. Only authenticated and authorized users must be able to access the cloud computing applications and there must be a log so that IT can audit each individual instance of access. However, not all applications have this feature; so, it is the primary responsibility of the health care institution to do its homework before acquiring cloud computing applications. Also, the cloud computing application must be designed for interoperability and data must be securely and smoothly moved between software applications which somehow expose health care information to certain risks. Therefore, protocols and standards for interoperability must be developed. When a health care institution procures a cloud computing service, it must ensure that the interoperability feature is present in the application.
  • A small health care organization must ask for third-party validation when taking advantage of a cloud computing application. It can ask its cloud computing provider to present a certification from a medical organization or association confirming that its cloud computing application meets the HIPAA and HITECH security requirements.
  • The health care entity must keep an inventory of the organization’s protected health information and personally identifiable information. This way, it can regulate the way it disposes, stores, uses, and collects the entity’s protected health information, because the said inventory can make known any data breach risks. A health care organization will then be able to plan its security measures so as to reduce the risk of a data breach.
  • The health care organization must create a cost-efficient and effective incident response plan which will help the entity meet the HITECH and HIPAA requirements alongside creating guidelines in case a data breach occurs. The plan assigns roles and offers guidelines, as well as the response team’s actions and responsibilities when a security breach occurs, and offers instructions on how to determine notification requirements, especially to the regulatory authorities.

By Florence de Borja

Sorry, comments are closed for this post.

Comic
Cukes and the Cloud

Cukes and the Cloud

The Cloud, through bringing vast processing power to bear inexpensively, is enabling artificial intelligence. But, don’t think Skynet and the Terminator. Think cucumbers! Artificial Intelligence (A.I.) conjures up the images of vast cool intellects bent on our destruction or at best ignoring us the way we ignore ants. Reality is a lot different and much…

Ransomware’s Great Lessons

Ransomware’s Great Lessons

Ransomware The vision is chilling. It’s another busy day. An employee arrives and logs on to the network only to be confronted by a locked screen displaying a simple message: “Your files have been captured and encrypted. To release them, you must pay.” Ransomware has grown recently to become one of the primary threats to…

InformationWeek Reveals Top 125 Vendors Taking the Technology Industry by Storm

InformationWeek Reveals Top 125 Vendors Taking the Technology Industry by Storm

InformationWeek Reveals Top 125 Vendors Five-part series details companies to watch across five essential technology sectors SAN FRANCISCO, Sept. 27, 2016 /PRNewswire/ — InformationWeek released its list of “125 Vendors to Watch” in 2017. Selected by InformationWeek’s expert editorial team, the companies listed fall into one of five key themes: infrastructure, security, cloud, data management and…

Part 1 – Connected Vehicles: Paving The Way For IoT On Wheels

Part 1 – Connected Vehicles: Paving The Way For IoT On Wheels

Connected Vehicles From cars to combines, the IoT market potential of connected vehicles is so expansive that it will even eclipse that of the mobile phone. Connected personal vehicles will be the final link in a fully connected IoT ecosystem. This is an incredibly important moment to capitalize on given how much time people spend…

Embedded Sensors and the Wearable Personal Cloud

Embedded Sensors and the Wearable Personal Cloud

The Wearable Personal Cloud Wearable tech is one avenue of technology that’s encouraging cloud connections and getting us all onto interconnected networks, and with the continued miniaturization and advancement of computing the types of wearable tech are always expanding and providing us with new opportunities. A few years ago, smartwatches were rather clunky devices with…

HOW THE CFAA RULING AFFECTS INDIVIDUALS AND PASSWORD-SHARING

HOW THE CFAA RULING AFFECTS INDIVIDUALS AND PASSWORD-SHARING

Individuals and Password-Sharing With the 1980s came the explosion of computing. In 1980, the Commodore ushered in the advent of home computing. Time magazine declared 1982 was “The Year of the Computer.” By 1983, there were an estimated 10 million personal computers in the United States alone. As soon as computers became popular, the federal government…

Get Ready For Virtual Reality and the Cloud

Get Ready For Virtual Reality and the Cloud

Virtual Reality Cloud We’re lucky to live in an era where virtual reality is no longer relegated to the confines of a sci-fi movie universe. Thanks to technology introduced by products like Oculus Rift, consumers now have access to virtual environments with fully immersive graphic capabilities. As a result, companies have only just begun to…

How You Can Improve Customer Experience With Fast Data Analytics

How You Can Improve Customer Experience With Fast Data Analytics

Fast Data Analytics In today’s constantly connected world, customers expect more than ever before from the companies they do business with. With the emergence of big data, businesses have been able to better meet and exceed customer expectations thanks to analytics and data science. However, the role of data in your business’ success doesn’t end…

Using Cloud Technology In The Education Industry

Using Cloud Technology In The Education Industry

Education Tech and the Cloud Arguably one of society’s most important functions, teaching can still seem antiquated at times. Many schools still function similarly to how they did five or 10 years ago, which is surprising considering the amount of technical innovation we’ve seen in the past decade. Education is an industry ripe for innovation…

Adopting A Cohesive GRC Mindset For Cloud Security

Adopting A Cohesive GRC Mindset For Cloud Security

Cloud Security Mindset Businesses are becoming wise to the compelling benefits of cloud computing. When adopting cloud, they need a high level of confidence in how it will be risk-managed and controlled, to preserve the security of their information and integrity of their operations. Cloud implementation is sometimes built up over time in a business,…

Why Hybrid Cloud Delivers Better Business Agility

Why Hybrid Cloud Delivers Better Business Agility

Why Hybrid Cloud Delivers Better Business Agility A CIO friend of mine once told me that a hybrid cloud model enables him to “own the base, rent the spike” when it comes to unplanned events. Let’s face it – maintaining unused infrastructure for rare or random IT events is expensive and unnecessary in a cloud…

Fintech Investments Are Seeing Consistent Growth

Fintech Investments Are Seeing Consistent Growth

The Financial Services Cloud Fintech investment has been seeing consistent growth in 2015, with some large moves being made this year. The infographic (Courtesy of Venturescanner) below shows the top Fintech investors and the amount of companies they’re currently funding: Just this week, a financial data startup known as Orchard Platform raised $30 million in…

Cloud Computing Price War Rages On

Cloud Computing Price War Rages On

Cloud Computing Price War There’s little question that the business world is a competitive place, but probably no area in business truly defines cutthroat quite like cloud computing. At the moment, we are witnessing a heated price war pitting some of the top cloud providers against each other, all in a big way to attract…

Cloud Computing – The Real Story Is About Business Strategy, Not Technology

Cloud Computing – The Real Story Is About Business Strategy, Not Technology

Enabling Business Strategies The cloud is not really the final destination: It’s mid-2015, and it’s clear that the cloud paradigm is here to stay. Its services are growing exponentially and, at this time, it’s a fluid model with no steady state on the horizon. As such, adopting cloud computing has been surprisingly slow and seen more…

Disaster Recovery – A Thing Of The Past!

Disaster Recovery – A Thing Of The Past!

Disaster Recovery  Ok, ok – I understand most of you are saying disaster recovery (DR) is still a critical aspect of running any type of operations. After all – we need to secure our future operations in case of disaster. Sure – that is still the case but things are changing – fast. There are…

12 Promising Business Intelligence (BI) Services For Your Company

12 Promising Business Intelligence (BI) Services For Your Company

12 Promising Business Intelligence (BI) Services Business Intelligence (BI) services have recently seen an explosion of innovation and choices for business owners and entrepreneurs. So many choices, in fact, that many companies aren’t sure which business intelligence company to use. To help offer you a solution, we’ve compiled a list of 12 Business Intelligence companies…