Part 4 of 5 of “Moving Healthcare to the Cloud”
Written by: Anupam Sahai, Vice President, Product Management, Cavirin
In the last blog of our Moving Healthcare to the Cloud series, we discussed the key considerations for healthcare organizations that are defining a cloud migration project. In this blog, we examine the technologies to apply in order to assess, manage and reduce the risk of security attacks.
While the cloud is proving to be less risky, more secure and more innovative than traditional on-premises IT, it is still not foolproof nor without risk. Healthcare organizations need to take every precaution in the cloud to ensure confidentiality, integrity, and availability.
In many cases, data must be properly encrypted, with keys stored separately from where the data is stored in order to maintain confidentiality. The number of admins who have access to the keys to decrypt the data should also be limited and all access should be logged and verified. Data integrity can be ensured only if admins and users who have appropriate levels of authorization can modify, manipulate, or delete the data.