Healthcare Information Security

Cloud News

How to Keep a Secure Healthcare Environment in the Future

By Bill Kleyman

- I recently attended this year’s Cisco Partner Summit which was held in Montreal. The event featured exciting conversations, new trends, and a clearly growing technology field. There were some big messages at this year’s conference and it’s evident that new kinds of ecosystem technologies are going to be making an impact.

A secure healthcare environment is still possible with evolving technology

The conversation starts around capturing this new digital disruption that’s happening in our industry. In fact, according to the 2015 Accenture Technology Vision Report, 81 percent of executives believe that industry boundaries will dramatically blur as platforms reshape industries into interconnected ecosystems. Furthermore, 60 percent are now planning to engage new digital partners within their respective industries. This means that partners, service providers, integrators, and the organization itself must become ready for the truly digital age. This means aligning with new security trends, demands around IoE, and enabling the cloud.

So how does all of this impact the modern healthcare provider? Pretty much in every single way. Within healthcare, new trends are absolutely emerging around patient care and the technologies revolving around all of this. With this in mind, let’s look at three key future healthcare environment components and where they will be secured.

Mobility. The latest Cisco Mobile Forecast indicates that by 2019, mobile-connected tablets will generate nearly double the traffic generated by the entire global mobile network in 2014. And, because of increased usage on smartphones, smartphones will reach three-quarters of mobile data traffic by 2019. Mobility is already impacting healthcare. But this has to be seen as a much broader topic than just phones, tablets and mobile devices. We have to include IoE/IoT into the conversation as well, which we’ll touch on in a second. When it comes to mobility, those healthcare organizations that enable their associates to work on mobile devices just as they would in the office enjoy a very distinct competitive advantage. Their employees have all of their healthcare and business resources at their fingertips and can quickly respond to changing patient demands and business circumstances. They’re productive anywhere and anytime. 

  • Securing Mobility: Mobility security will revolve directly around infrastructure intelligence. Simply put, with so much information flowing through the modern healthcare architecture, there simply will have to be smarter ways to control traffic flow throughout a data center. This means creating a lot of policies scanning for malicious traffic and data leaks continuously. Also, this will have to span both wired and wireless systems. Most of all, this will have to be done without impacting user performance. Fortunately, new network security tools and embedded security controls within intelligent switching components allows you to have very granular visibility into both application and traffic flow. This is where traffic shaping, micro-filtering, and data flow control all become important.

IoE/IoT. Did you see the new IoT Pacifier? Here’s a device that can take the diagnostics of a child, real-time, and provide invaluable information to healthcare professionals. We are allowing technology to speak for those that can’t. Even though the concept of an IoT Pacifier is new, the idea behind what it can do isn’t. New sensors, smaller electronics, wearable devices are making direct impacts on the business and patient care. In fact, globally, the data created by IoE devices will be 277 times higher than the amount of data being transmitted to data centers from end-user devices and 47 times higher than total data center traffic by 2018. These new tools and interconnected technologies are set to revolutionize the healthcare process and greatly improve the way we support both the healthcare professionals and the patient.

  • Securing IoT/IoE:  It’s at this point that we should take a step back and really understand what IoT means to the healthcare. In many cases, these will be some kind of connected – possibly IP-based – device designed for a specific purpose. This is where contextual security policies can absolutely make an impact. The idea isn’t to control the device, but rather the data that flows through it. Moreover, you’re trying to ensure the quality of the IoE session is always perfect. For example, an IP-based patient device designed to send vital diagnostics to an app suddenly starts throwing out bad data. Networking policies can immediately see this anomalous, quarantine the device and alert an administrator. If there is an issue around a faulty sensor, it can now be resolved. More importantly, if that device or the traffic around it was compromised, you just had a system proactively stop further traffic flow.

READ MORE: How Evolving Business Models Impact Healthcare Security

Cloud Computing. Compliance and security were once some of the biggest barriers to adopting a healthcare cloud environment. I can honestly say that this is all really beginning to change. For example, the recent Omnibus rule (enacted as a change to HIPAA) now allows organizations to become business associates (BA). A BA is any organization that has more than just transient access to data (FedEx, UPS, or USPS, for example). An organization can sign the business associate agreement (BAA), which would now allow them to take on additional liability to manage protected healthcare information (PHI). This type of design allows your healthcare organization to continuously control the flow of sensitive information. As more healthcare data centers adopt the cloud as a model to offload workloads, better deliver applications, and better support a more complex end-user environment,  there will have to be better ways to monitor and secure the cloud.

  • Securing Cloud:  There will be new kinds of standalone cloud-ready security platforms as well as those built into existing cloud service provider architectures. I recently wrote that for now, cloud computing has really done a good job staying out of the spotlight when it comes to major security issues. The reality is that a public and hybrid cloud environment hasn’t really ever experienced a massive data breach. Ask yourself this question, what would happen if AWS lost 80 million records like in the very recent Anthem breach? The conversation around public cloud security would certainly shift quickly. But the reality is that they haven’t. The idea behind securing cloud is controlling your data as it flows into and out of cloud workloads. Networking monitors, WAN control policies, and secure links between data centers are great ways to ensure safe cloud traffic.

As your healthcare IT infrastructure shifts away from more traditional compute mechanisms,  security will continue to be a critical piece of any evolving ecosystem. Now, this kind of security spans cloud, mobile devices, and IoE/IoT. Adopting comprehensive security strategies which can, today, scale between data center and cloud will allow your organization to be prepared for a much more interconnected and secure healthcare architecture. 

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks