Cloud-Based Healthcare Data Hinges on Security
Housing and analyzing big data has the opportunity to transform the healthcare industry by giving doctors access to more information about both individual patients and helpful general population health trends. However, it is paramount for all of that information to be safe and secure, leading to a few more roadblocks than are encountered in the finances and the sciences.
At HIMSS (Healthcare Information and Management Systems Society) 2013, a panel headed by David Houlding, Healthcare Privacy and Security Lead Architect of Intel , discussed the access benefits and the security challenges of moving that information to the cloud.
“When the patient is placed on the ambulance,” said Nicole Martinez, the Director of Nursing Informatics at Robin Wood Johnson University Hospital, on the immediate benefits of cloud hosting medical information, “data starts being uploaded. The information about the EKG, the blood pressure, the heart rate, the medication, all of that information is being uploaded. All the providers are able to access that cloud information to evaluate and analyze it.”
Of course, cloud hosting information of such a sensitive nature represents a significant security challenge, especially considering the latest changes to HIPAA, the Health Insurance Portability and Accountability Act. According to Brian Balow, a Partner at Dickinson Wright PLLC who participated in the panel, business partners of insurance companies and medical institutions are responsible for the safety and the security of medical information.
With that said, Kim Singletary, McAfee’s Director of Technical Solutions Marketing, believes that with the right controls, the performance and cost savings of operating in the cloud are worth it. “There’s been a lot of hesitation in moving to the cloud because of security aspects…It’s absolutely the right time to move to the cloud,” said Singletary. Of course, figuring out the right controls will be trick.
As such, providing said security may end up being a worthwhile (and incidentally fairly lucrative) venture. That notion was represented in the panel by Khaled El Enam, CEO of Privacy Analytics, who recognized the challenges of meeting HIPAA guidelines while also providing the quick access doctors would need to make use of such an investment.
“The safeguards,” Houlding concluded, “none of them are a panacea, we need many safeguards to help mitigate risk. The identification is important but the residual risk, we need encryption, we need tokenization, we need training.” Indeed, advancements in security and cloud technologies will be necessary to ensure that everyone is comfortable with moving critical medical data to the cloud.