Five Safety Measures Organizations Should Practice When Adopting Cloud
As Healthcare Global recently reported, 83% of healthcare organizations are using cloud-based applications today. As more organizations become comfortable with using cloud services, however, safety measures need to be taken.
According to Skyhigh Networks’ Cloud Adoption and Risk Report 2Q, companies place various types of sensitive information on the cloud. These include customer data, employee data, financial data, sales data and intellectual property.
To date, there have been 63 data exfiltration events and 29 malware incidents within the healthcare industry, according to the report. The use of high-risk file-sharing services, such as Yandex.Disk and 4Shared, are likely putting enterprise data at risk.
Here are five security measures healthcare organizations should take to keep their data secure.
1. Take a headcount.
Review your employees’ favorite apps for file sharing and collaboration and consider whether any meet the department’s security and other criteria. Upon determination, your organization can standardize these apps and educate employees about their availability.
2. Read the fine print.
Have an attorney scrutinize your cloud services contract and service level agreement (SLA). Determine where your data will be housed and how this location could affect your organization’s legal abilities. Be sure to include penalties in the case of failure.
3. Strengthen the network.
As more healthcare providers add cloud services, it is crucial that infrastructures support these additions. Without a reliable network, employees will soon figure out workarounds such as unsecured public Wifi.
4. Inventory PHI.
Protected health information (PHI) has to be safeguarded. Organizations must therefore consider who has access to data, both internally and at service providers, how it is stored and protected. Ensure that your cloud partners are HIPAA-certified, depending on usage or data stored or accessed.
5. Develop an incident-response plan.
Include contact information, guidelines and a review of insurance coverage for partners as well as employees. Additionally, stay up-to-date on current local and federal laws.