Mon, March 7, 2016

HIPPA and the Cloud

If you’re in the healthcare industry and considering moving to the cloud, more than likely following HIPAA regulations and protecting the confidentiality of patient information tops your list of concerns. So does switching to a cloud services model provide more security?

This depends on a number of factors, especially the specific security protocol of your cloud service of choice, but we’ll try to break it down for you here.

Traditionally, your IT workflow is based on physical, on-premise servers and storage devices. What this means is that there are two primary points of access for hackers:

  1. your hospital or office’s local network—the security of which depends on how your IT specialist set up firewalls and how up-to-date your security protocols and software are; AND
  2. physical devices—the dozens, if not hundreds, of desktops, laptops, tablets, and mobile devices being used across your organization might be storing sensitive data and files. All of which could easily be accessed if the devices were lost or stolen.

With a Desktop as a Service (DaaS) cloud solution, every employee would have an individual user account hosted in the cloud. All files, data, and software would be hosted in the cloud rather than physical devices or the local network. Since the only point of access then becomes a portal to your DaaS account, stolen devices are no longer a concern. They contain no data on the physical device, which also makes replacing old devices much more streamlined in this environment.

With such a cloud solution, all security rests in the hands of your cloud provider. This is where the differences among cloud services and deployment methods become especially critical. In short, public clouds have an enormous scope of access where all of their users (sometimes millions) are logging into their accounts through the same portal. If a hacker were to gain access through the firewall, they could potentially gain access to several accounts at once. A private cloud solution, however, will most likely have each of their clients set up with customized firewalls under the client’s domain, making it inherently safer than a public cloud. For more details about the differences among each type of cloud service, refer to our previous blog post Cloud Computing 101.

To learn more about the benefits of implementing a cloud-based solution, contact Centrality Business Technologies for a FREE cloud readiness assessment.

Contact Us