Comments
Physicians Find Security In The Cloud
Newest First  |  Oldest First  |  Threaded View
SachinEE
50%
50%
SachinEE,
User Rank: Ninja
4/26/2014 | 6:11:14 AM
Re: Physicians Find Security In The Cloud
This is in fact a very good initiative and should be invested upon. All one needs with cloud computing is basically a great redundant pipe running to the network and not any massive infrastructure as is used by other computing devices. That is a plus. It needs to be done now. All people are concerned about is what it can do for us as opposed to when exactly will we get this technology. That is the question we should ask ourselves.
SachinEE
50%
50%
SachinEE,
User Rank: Ninja
4/26/2014 | 6:09:01 AM
Re: It's not if, it's when
@Gary, you raise some very interesting points and I totally agree with you on most of them. However, before everyone in the medical field jumps to the cloud, I think there are a few factors that must be considered closely and which, unfortunately have not been touched on so far. For instance, it may not be very wise, or even economical, for a small-time physician to invest in cloud computing since it would be much easier for him or her to simply secure the data locally using up to date EMR software.
Alison_Diana
50%
50%
Alison_Diana,
User Rank: Author
4/25/2014 | 9:54:15 AM
Re: It's not if, it's when
Thanks, @Gary. Even some of the most technically-minded physicians -- you know, pros who enjoy tinkering and even programming in their spare time -- agreed with your statement, Gary. They realize they don't have time and recognize major security flaws -- Heartbleed for example -- can be discovered at any time, including times when their practice is fully booked and nobody is available to make any needed patch downloads. 

As you also point out, availability is crucial. Of course, practices must seek at least 99.99% uptime from their cloud service providers. And get an SLA (reviewed by an attorney) with some teeth to it, recommended some experts I've spoken to over the years. What other steps are cloud users taking to ensure they can access data if they can't connect with their cloud-based data?
BobH088
50%
50%
BobH088,
User Rank: Apprentice
4/25/2014 | 9:48:40 AM
losing data
One of the most common causes of data getting in the wrong hands is the loss of mobile devices that often contain a frightening amount of private information. I want to share a protection option that worked for me. Tracer tags (mystufflostandfound.com) let someone who finds your lost stuff contact you directly without exposing your private information. I use them on almost everything I take when I travel like my phone, passport and luggage after one of the tags was responsible for getting my lost laptop returned to me in Rome one time.
Gary_EL
50%
50%
Gary_EL,
User Rank: Ninja
4/24/2014 | 9:58:51 PM
Re: It's not if, it's when
Yes, the there is a chance that the cloud provider can be hacked. But, protecting against that eventuality is what they do for a living, so the data is safer with them than it is at a doc's office with the "server on a board placed over a toilet in a bathroom" – I love that story! This idea will fly, because it makes so much sense. It's also why accounting firms like cloud-based software. Most of the responsibility for security is lifted off their shoulders, and if something goes wrong, it'll most likely be the software provider who gets sued or fined – not them.

Yes, the docs are fascinated with computers, just like most other bright people with technical educations. But, there are only so many hours in a day, and specialization is a bittersweet fact of life, and there are only so many roads most of us can walk down and still be at our most productive.

This is also the preferred solution because if/when a patient is hospitalized, the hospital docs will (hopefully) be able to access the records, and less of the primary's time has to be spent interfacing with the hospital staff.

The article touched on another critical point. The data will have to spend some time in the memories of the devices held by the doctors and his/her staff; maybe more time to keep the office running when the internet goes down, How will the info be protected then?
Alison_Diana
50%
50%
Alison_Diana,
User Rank: Author
4/24/2014 | 5:50:30 PM
Re: It's not if, it's when
Yes, there is a chance a cloud service provider's data can be hacked, of course. But every single day we hear of laptops, phones, and tablets getting stolen or lost from doctors' offices and hospitals. Each of those devices often includes hundreds, if not thousands, of (usually) unencrypted data. Then that small office is fined, heavily fined, perhaps more than $1 million. If they luck out and don't get breached, is it planning or luck? Do the hundreds of small practices in a town spend adequate time and money adding the right security tools, training staff against social engineering, and updating everything once patches come out? Are their offices protected by sensors, security systems, wire, and dogs to prevent machines physicially being removed? How much background checking of employees do they do and how often do they refresh those checks? 

And, of course, they're supposed to care for patients in the middle of all this!

So while cloud isn't 100% safe, it's often a safer alternative. And it definitely should give practices peace of mind that they have reduced the risk to themselves if they do their homework and choose a partner with a proven track record of quality, security, and healthcare capabilities.
Stephen F.H266
50%
50%
Stephen F.H266,
User Rank: Apprentice
4/24/2014 | 4:54:38 PM
It's not if, it's when
What a mess.  Once medical information escapes the physical confines of the physician's office, clinic, or hospital, it will be hacked.  That's scary enough; what's even scarier is the possibility we won't even know it happened, much less who did it.  And once a central government gets its hands on the information, it becomes a vehicle for intimidation and other forms of destroying personal liberty.


The Business of Going Digital
The Business of Going Digital
Digital business isn't about changing code; it's about changing what legacy sales, distribution, customer service, and product groups do in the new digital age. It's about bringing big data analytics, mobile, social, marketing automation, cloud computing, and the app economy together to launch new products and services. We're seeing new titles in this digital revolution, new responsibilities, new business models, and major shifts in technology spending.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - July 22, 2014
Sophisticated attacks demand real-time risk management and continuous monitoring. Here's how federal agencies are meeting that challenge.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.