How to Protect Healthcare Data in the Cloud

You don’t have to look far to see that data breaches are running rampant among healthcare organizations. In 2015, three of the highest-profile cases – Community Health Systems, Anthem and Premera – resulted in the breach of over 96 million personal health records.

Looking at only one year’s worth of data doesn’t even begin to reveal the full scope of this problem. Since 2009, the data of more than 120 million people has been compromised in over 1,100 separate breaches at organizations handling protected health data. That totals over 143 million compromised patient records – or roughly 45 percent of the U.S. population.

When looking for the root cause of these repeated breaches, three factors stand out: The overwhelming use of legacy security systems, weak partner networks (where any point in the chain can easily be broken to compromise the entire system), and the determination of attackers to obtain this valuable data.

More healthcare organizations are turning to and trusting public cloud providers like Amazon Web Services (AWS) to take advantage of benefits like cost, scalability and collaboration. By 2020, 80 percent of healthcare data will “…pass through the cloud at some point in its lifetime, as providers seek to leverage cloud-based technologies and infrastructure for data collection, aggregation, analytics and decision-making,” according to IDC Health Insights.

Moving  to the cloud is easy, but getting the right controls and alerts in place to protect this data in the cloud requires a more concerted effort. In order to address these cloud security requirements, businesses must understand what security measures they need to prevent data loss, how to achieve HIPAA compliance, and how to monitor for anomalous user behavior inside servers and their workloads.

For details on how to implement these measures, download our solution brief, “Continuous Monitoring: A Better Solution for Maintaining Healthcare Data Security in the Cloud