Healthcare Information Security

Cloud News

Healthcare Cloud Adoption Slow Due to HIPAA, Survey Finds

“Security has been a major barrier to cloud adoption in many verticals, but it’s especially critical in heavily regulated industries."

By Elizabeth Snell

While healthcare has increased its cloud adoption from 8 percent to 37 percent in the last year, according to a recent survey, it lags behind other industries in terms of cloud adoption due to HIPAA regulations.

Healthcare cloud security concerns key factor in healthcare cloud adoption rates.

Privacy concerns, limited applicability of Mobile Device Management solutions, and doctors moving from one provider location to another can all contribute to healthcare cloud security concerns, Bitglass explained in its second annual Cloud Adoption Report.

Regulated industries, such as healthcare and financial services, have seen cloud adoption rates nearly triple.

Overall, the adoption rate has increased from 15 percent in 2014 to 39 percent, Bitglass found. Adoption in unregulated industries has moved up from 26 percent in 2014 to 50 percent in 2015.

“Security has been a major barrier to cloud adoption in many verticals, but it’s especially critical in heavily regulated industries and plays a major role in such organizations’ decisions to move their data into a public cloud app,” the report’s authors wrote. “The data-centric security solutions offered by Cloud Access Security Brokers are enabling firms in these heavily regulated industries like healthcare and finance to remain compliant while using public cloud apps, accelerating the shift away from on-premise apps.”

The report also found that the education sector is adopting cloud options faster than other industries, with an overall adoption rate of 83 percent. Moreover, 42 percent of the cloud applications are on Google apps, while 41 percent are on Office 365.

Bitglass also reported the following key findings:

  • 55.5 percent of media and entertainment organizations have deployed a type of public cloud adoption
  • 61 percent of the communications sector uses a cloud application
  • 47 percent of US government organizations, including state and local, have adopted cloud apps

Bitglass graph of cloud adoption by industry

"Industries like education and communications are leading the move to cloud, but the surprise is that large corporations, even in heavily regulated industries, are gaining confidence in using cloud apps," Bitglass CEO Nat Kausik said in a statement. "The emergence of third-party security services from cloud access security brokers is helping to fill cloud security gaps and to make public cloud a reality for all industries."

Healthcare cloud security is a common concern in the industry. Excessive PHI sharing was listed as a possible pain point in a recent CloudLock Cybersecurity Report. Overall, 72 percent of practices reported they concentrate heavily on preventing excessive sharing in the cloud, while 38 percent of organizations concentrate on protecting PII.  

Another report showed that healthcare cloud data loss prevention (DLP) violations account for the most DLP violations among several industries. The Fall 2015 Netskope Cloud Report found that healthcare accounted for 76.2 percent of all cloud DLP policy violations, and healthcare and life sciences had the highest number of DLP policy violations in content at rest in sanctioned apps with 21.1 percent.

The Netskope report also found that PHI accounted for 68.5 percent of violations in cloud apps. The second most common type of information compromised was PII, which accounted for 13.7 percent of all violations.

"In the wake of a series of high-profile breaches and data loss events, there's a growing consensus from the board level down that recognizes the need for greater visibility and actionable policies to govern cloud usage and protect sensitive data," Netskope CEO and co-founder Sanjay Beri said in a statement.


SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
Data Breaches

Our privacy policy

no, thanks

Continue to site...