Despite widespread concerns about cloud data security and control, there’s been a lot of recent news on the healthcare industry’s steady, but cautious foray into cloud computing. In early July, research firm MarketsandMarkets issued a report stating that the healthcare cloud computing market will grow from $1.7 billion in 2011 to $5.4 billion by 2017, an encouraging 20.5% compounded annual growth rate. However, the report points to some key restraints, such as patient data security and cloud compliance that could slow down the market unless mitigated.
In a unique twist, a recent article identifies cloud data security as a primary driver, not an obstacle in the cloud adoption trend. In “Money in a mattress: Why patient records should move to a private cloud”, the author expounds on the security weaknesses of traditional hospital client-server systems in which protected data can be easily compromised, and he points to private or hybrid clouds as better solutions.
In client-server environments, data is often stored in unsecure server rooms and frequently downloaded to desktop and laptop devices, which can be stolen or lost. A safer option is to store healthcare data on a web-based private cloud, using cloud architecture similar to what is now more commonly being used by financial institutions, defense organizations, and intelligence agencies. Designed with cloud encryption and tokenization technology, these types of hybrid cloud data protection solutions let the users define and control what happens to their sensitive data when it’s in the cloud. And companies in these industries are finding that the solutions can and do offer the needed protection, opening up enormous financial and strategic benefits offered by the previously “off-limits” cloud.
For healthcare providers, cloud data protection solutions that incorporate encryption and tokenization help resolve HIPAA cloud data security mandates, which require the organizations to maintain the confidentiality of electronic Protected Health Information (ePHI). Encryption of ePHI is an acknowledged best practice for HIPAA compliance, and healthcare organizations are now starting to leverage cloud benefits both safely and legally. In many cases, this includes enhanced security over their traditional client-server architectures.