Healthcare security compliance in the cloud

The “cloud” has almost become a buzzword in health IT, with many hospitals considering a shift to remote servers to reduce costs and improve scalability. However, some executives have hesitated, given the cyber-security implications of accessing protected health information through the internet.

“It’s like online shopping,” Shaung Liu, chief technology officer of the provider division at Teladoc, said during a Microsoft-sponsored workshop at the Becker’s Hospital Review 3rd Annual Health IT + Revenue Cycle Conference Sept. 21 in Chicago.

“When you first did online shopping nobody wanted to put their credit card in the cloud … you didn’t trust it,” he explained. “Now, everybody does.”

Teladoc, a telehealth company that works with employers, insurers and health systems, opted to built its virtual healthcare platform for health systems in the cloud to ensure reliability, flexibility and scale.

“[Our] solution really has to scale,” Mr. Liu said. “Every hospital system has their own white labeled solution, their own instance, their own subscription in Microsoft Azure, which completely isolates their data from any other client.”

“We have to provide an experience that’s trusted for the patient,” he added, noting Microsoft’s efforts to ensure compliance under privacy and security regulations in healthcare. “A platform that’s willing to sign a [business associate agreement] with us tells us they’re willing to treat our data with just as much security as we need in our industry.”

Hector Rodriguez, worldwide health chief information security officer at Microsoft, weighed in on why Microsoft has worked to ensure Azure addresses information security concerns head on. “If you [as a healthcare provider] have to add the security layer … you need to rethink what you’re doing,” he said. “It costs a lot for you to be the security integrator.”…

Continue reading this article

View all Articles by: Melissa Clark, CCS-P