Healthcare Information Security

Cloud News

Prioritizing Healthcare Cloud Security in App Transitions

As more organizations transition to the cloud and move their applications, healthcare cloud security must remain a top priority through the entire process.

Healthcare cloud security key issue for entities transitioning their applications.

Source: Thinkstock

By Bill Kleyman

- In working with a vast variety of different types of healthcare organizations, I’m certainly seeing a trend continue to grow. Healthcare is moving to cloud. This means growing from $3.73 billion in 2015 to nearly $9.5 billion by 2020, according to research firm MarketsandMarkets.

"The market for public cloud services is continuing to demonstrate high rates of growth across all markets and Gartner expects this to continue through 2017," said Sid Nag, research director at Gartner, citing a recent cloud study. "This strong growth continues reflect a shift away from legacy IT services to cloud-based services, due to increased trend of organizations pursuing a digital business strategy."

Still, security concerns remain one of the biggest stopping points when organizations begin to look at cloud for various types of services. However, according to Gartner, only a small percentage of the security incidents impacting various organizations using the cloud have been due to vulnerabilities that were the provider's fault.

In fact, Gartner estimated that through 2020, 95 percent of cloud security failures will be the customer's fault. That means the cloud will be inherently secure, but our configurations and workloads will be at risk.

Some of the biggest trends around the healthcare cloud projects that I’ve been working on have been the transition of applications and user groups into the cloud. To that extent, it’s important to understand the cloud architecture that works to empower your use-cases and allows your healthcare organization to be a lot more agile.

READ MORE: Utilizing Cloud Computing for Stronger Healthcare Data Security

Also, it’s critical to look at design components to ensure that you’re not “at fault” when you do move your workloads into the cloud. To stay safe, consider these points when moving healthcare apps and workloads into the cloud.

Start with your users

Believe it or not, your users are one of the most critical parts when designing a cloud delivery architecture focusing on applications. Understanding use-cases, how they’ll be interacting with the app, ways to make the process more intuitive, and even understanding the devices used to access the app will all help with the design. Today’s cloud-ready applications are extremely agile. That means they’re being delivered to things other than just traditional desktops and laptops. Starting with the end-user will allow you to create an application delivery platform that’s clear, concise, and much more secure.

Invest in monitoring; cloud and on-premise

There are some powerful monitoring tools out there. However, the picture gets a bit bigger when cloud is involved. You may need to invest in cloud-to-cloud monitoring and security capabilities. Furthermore, are you managing keys? Do you require encryption? Can some data only live on one network or link? Cloud and on-premise monitoring allows you to mitigate risk and create new levels of visibility into user, application, and data interaction. 

Not all apps are designed for the cloud

So, don’t force it. Rather, design around the challenge as needed. Very simply, there may be some apps that you simply cannot move. However, you can create intelligent links and connections directly into a cloud provider. You can even specify which data points can go between cloud and the on-premise workloads. Just because an app can’t live in the cloud doesn’t mean you can’t still leverage cloud services.

Legacy IT isn’t always cloud-friendly

Coming off the previous point – if you are working with an app that’s less-then-mobile, you need to ask yourself if it makes sense to keep the app in general. Legacy IT can be a real roadblock to innovation. Furthermore, just because an application is still “working” doesn’t mean it’s actually bring much value to your organization. Yes, it can be expensive to move to newer platforms or applications. But ask yourself about the tradeoffs and limitations with what you have today. And, review how this impacts your ability to delivery key healthcare services.

Work with good partners and cloud providers

READ MORE: Survey Finds Cloud Security, IoT Security Potentially Lacking

Finally, the design process doesn’t have to be a solo operation. Virtualization, application delivery, and cloud partners are constantly building environments capable of helping healthcare excel. Furthermore, these partners can help you navigate security, compliance, and even best practices around deployment.

Cloud computing can offer a vast amount of services for healthcare organizations. Already, many entities are leveraging cloud for a variety of use-cases. This includes backup, disaster recovery, and even application delivery. However, careful planning is absolutely critical for both security and good functionality.

As mentioned earlier, working with the end-user can usually create great success factors around healthcare cloud utilization. Furthermore, understanding user interaction with cloud-ready healthcare services will allow you to wrap security exactly where it needs to be. That is, you’ll be able to contextually secure data, their applications, and the cloud services they’re accessing.

Healthcare-specific cloud services are evolving every day. Cloud providers aim to provide granular security services for sensitive data points and help secure the applications accessing that data. However, it’ll be up to you to design security best practices around your own ecosystem, your applications, the data, and your users. 


SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
Data Breaches

Our privacy policy

no, thanks

Continue to site...