Cloud-Based Security Strategies: Protecting Healthcare Workloads for Future Sustainability
In the rapidly evolving digital landscape, healthcare organizations are increasingly turning to cloud services for data backup and recovery. These institutions prioritize security, compliance, and operational needs when evaluating cloud solutions.
At Cook Children's Health Care System, located in Fort Worth, Texas, Theresa Meadows, the senior vice president and CIO, leads a thorough risk assessment of potential vendors. This comprehensive evaluation includes examining a provider's security infrastructure, policy and procedure management, and network segmentation. The latest development at Cook Children's Health Care System involves transitioning its finance and human resources systems to a cloud-based solution from Workday.
Similarly, Kirby Medical Center, based in Monticello, Illinois, has moved its Electronic Health Record (EHR) to the cloud back in 2018. Mark Fred, the COO and CIO, emphasizes that moving to the cloud can save space, provide a better long-term solution, and generally make an organization more secure if a good provider is chosen. For smaller facilities like Kirby Medical Center, maintaining a solid patching strategy can be challenging, making working with a cloud company that has those processes in place beneficial.
When deciding on a cloud provider, both Cook Children's Health Care System and Kirby Medical Center insist on legal agreements detailing data backup and recovery processes. This meticulous approach ensures that both parties understand their respective roles and responsibilities in maintaining data security.
In light of the Kronos outage in late 2021, Cook Children's Health Care System has a contingency plan in place for potential cloud-based system failures. Meanwhile, Kirby Medical Center is aiming to pursue other cloud initiatives to adhere to security best practices and remove physical servers.
IDC advises healthcare organizations to understand exactly how their cloud service is being provided, including data storage location, HIPAA compliance, and business associate agreements. One of the biggest risks for Kirby Medical Center is email, leading to plans to migrate from its current Exchange Server to Microsoft 365.
As more healthcare organizations transition to the cloud, a growing number of IT leaders believe that moving to the cloud improves security. By integrating industry best practices, compliance mandates, security frameworks, and a hybrid cloud strategy, these institutions optimize control and protection according to data sensitivity and operational needs. This strategic approach ensures that healthcare data remains secure while enabling organizations to leverage the benefits of cloud services, such as improved agility and scalability.
[1] HIPAA Journal. (2021, January 22). Cloud computing in healthcare: Best practices, benefits, and challenges. Retrieved from https://www.hipaajournal.com/cloud-computing-in-healthcare-best-practices-benefits-and-challenges/
[2] IDG Communications, Inc. (2020, October 1). The state of cloud adoption in healthcare. Retrieved from https://www.healthcareitnews.com/cloud-computing/state-cloud-adoption-healthcare
[3] TechTarget. (2021, March 16). Cloud computing in healthcare: Key considerations. Retrieved from https://searchhealthit.techtarget.com/definition/cloud-computing-in-healthcare
[4] HealthIT Security. (2020, November 2). How to backup healthcare data in the cloud: Best practices for healthcare organizations. Retrieved from https://healthitsecurity.com/news/how-to-backup-healthcare-data-in-the-cloud-best-practices-for-healthcare-organizations
[5] Healthcare IT Today. (2021, January 15). Cloud computing and healthcare: Ensuring compliance and security. Retrieved from https://www.healthcareitoday.com/cloud-computing-and-healthcare-ensuring-compliance-and-security/
- In the process of choosing a cloud provider, both Cook Children's Health Care System and Kirby Medical Center prioritize understanding the specifics of data storage location, HIPAA compliance, and business associate agreements, as advised by technology and data-and-cloud-computing resources like IDC.
- As part of their strategic approach towards cloud adoption, Kirby Medical Center also plans to migrate from its current Exchange Server to Microsoft 365, aiming to integrate industry best practices for security and compliance in technology and data-and-cloud-computing.
