Healthcare Technology Featured Article

July 09, 2013

Few Healthcare Providers Understand Security Requirements in the Cloud


Cloud security is a very hot topic today, especially given the recent exposé of whistleblower Edward Snowden, claiming the U.S. government has apparently been spying on its own citizens by tapping into the servers of technology giants including Google, Apple and Facebook.

This controversy does not bode well for those already skeptical about the merits of cloud. In certain industries, such as healthcare, cloud-based storage and mobile applications are typical sources of security concerns.

In fact, a recent study from the Ponemon Institute found that 33 percent of respondents said that they need to access protected health information (PHI) to do their work and yet few understood how to keep data secure. For example, 15 percent of those surveyed knew about HIPAA’s security requirements, but 33 percent of respondents indicated that they work for a HIPAA covered entity.

Additionally, 23 percent of those surveyed said that they frequently circumvent or disable required security settings on their mobile devices while 36 percent say it happens occasionally and 22 percent say it never happens.

In a recent interview with HealthITSecurity.com,Dr. Larry Ponemon, chairman and founder of the Ponemon Institute, touched on several critical security issues when it comes to regulated data in healthcare.

“Managing regulated data is pretty serious because a lot of the devices used in a healthcare environment really aren’t all that secure, with issues such as viruses and malware that are able to be transferred to a network pretty easily,” Ponemon said. “Not just our research, but Gartner and others report that the rate of malware infection for BYOD devices approaches about 20 percent of all devices, which is unbelievably high.”

While there have been limited security breaches in the healthcare sector, Ponemon predicts more serious hacks will take occur in places such as Dropbox, shifting away from mobile devices and toward cloud storage.

“Healthcare is particularly vulnerable because many organizations don’t have the resources needed to secure those technologies,” Ponemon said. “The goal in healthcare generally is treating those patients, not privacy and security. You don’t see the same focus on security in healthcare that you do in the financial sector.”




Edited by Rich Steeves
Get stories like this delivered straight to your inbox. [Free eNews Subscription]




SHARE THIS ARTICLE



FREE eNewsletter

Click here to receive your targeted Healthcare Technology Community eNewsletter.
[Subscribe Now]