Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Experts urge caution when putting health data in the cloud

Maria Korolov | Oct. 26, 2015
Healthcare has become a favorite target for criminals.

healthcare data cloud

Healthcare has become a favorite target for criminals, and some medical organizations are reacting by looking at outside providers to keep their data secure. But jumping to the cloud without first taking some precautions can be a mistake, experts say.

Last month, Salesforce introduced its Salesforce Health Cloud service, a cloud-based patient relationship management solution that integrates data from health records, wearables, and other sources and allows healthcare providers to access this information any time, any where.

The health care system requires that many different organizations have some degree of access to patient data, meaning that the security of the entire system depends on its weakest link. Moving to a provider like Salesforce will, in most cases, provide a higher level of security than organizations can typically manage on their own.

"Salesforce can invest much more in security than any one hospital can," said Rajiv Gupta, CEO at cloud security vendor Skyhigh Networks. "They are patching their systems constantly."

Many security professionals are uncomfortable when data is out of their control, he said, but the mind shift is already happening.

"I think the Salesforce Health Cloud was inevitable," he said. "And the timing is perfect."

One immediate benefit is that it can help move healthcare industry employees off of insecure cloud services, he said.

"An average healthcare employee uses 26 cloud services," he said -- and 5.6 percent of them are classified as "high risk" by Skyhigh.

"Most employees are not aware that some services are high-risk, and doctors like to collaborate," he said. "They find IT restrictions to be too constraining."

Healthcare organizations need to get to a place where they can allow doctors to use the best technology, while still meeting security, governance and compliance requirements, he said.

"Salesforce is one of the most enterprise-ready, lowest-risk cloud service providers out there," he said.

The platform is already being used by a number of large healthcare organizations.

Nashville-based MissionPoint Health Partners, which serves a quarter million patients in six states, manages its entire provider network through Salesforce.

Michigan Health Information Network uses Salesforce to address the problem of $6.3 billion worth of medications dispensed in Michigan each year that have unintended consequences, hurting patients and wasting money.

Other Salesforce customers include Colorado-based healthcare system Centura Health, California-based medical device manufacturer DJO Global, Netherlands' Radboud University Medical Center and the University of California, San Francisco, a center of health sciences research.

"All our platform customers run off of one code base," said Josh Newman, Chief Medical Officer at San Francisco-based "Each customer benefits from the requirements of the rest. That means that a small company has access to the same security and compliance features as the largest enterprise organizations."


1  2  Next Page 

Sign up for CIO Asia eNewsletters.