Healthcare IT Systems: Immunity in Cloud Hosting

With the passage of the healthcare reform act, tighter industry regulations that tie revenue to patient outcomes, and the ability to monitor national health at an unprecedented rate, the healthcare IT industry in the United States has become increasingly complex.

Today, technology and healthcare are merging in ways that will radically change the quality of work and life for both medical professionals and patients. Nowhere is this more evident than in the cloud, with increasing demand for not only cloud-based electronic health record (EHR) systems, but also applications that are connected to patients, caregivers, and every participant involved throughout the continuum of care. A recent report focusing on emerging technologies foresees the global healthcare cloud computing market to increase at a compound annual growth rate of 21.24% between 2017-2021, stating, “Some hospitals have deployed legacy systems for enterprise management systems, while some have migrated their IT infrastructure to the cloud-based model. IT systems should be made interoperable to support advanced medical technologies such as telemedicine, digital patient engagement systems, mHealth, and e-health systems.”

Cloud-based solutions in healthcare IT eliminate the need for repetitive tasks like patient paperwork and verification, lab result analysis, and simple prescription completions. And with record-keeping systems and medical care transitioning to cloud-based applications, there is a mountain of medical data that requires a hosted infrastructure that is secure, scalable, and available, for mission-critical applications.

The Human Variable in Security

Along with all these advancements, we are seeing more people entering into the healthcare IT system, which means more patients to monitor, gather and store data for, and who require quality care. To do this efficiently, you need interoperable systems that communicate with each other, that are always available, and HIPAA-compliant. Infrastructures and environments that are HITRUST certified are even more secure. Most systems already have this in place, but what often gets overlooked is security, both in the system and in the workplace. With this much data availability and portability, there is a lot of compute, processing power, and data storage requirements that can quickly scale beyond management with the amount of patient data coming in. Because of this, healthcare IT systems and technology providers put themselves at risk of ransomware and phishing attacks because their data is a veritable treasure trove for the modern-day hacker.

It is imperative for healthcare workers to be properly and periodically trained in current data privacy procedures and security best practices. A recent study showed that 78% of healthcare employees are lacking in even the most basic knowledge of security preparedness to prevent cyber threats. For instance, many employees do not know the difference between the de-identification and the encryption of data. All the HIPAA compliance and regulation adherence an organization has is no substitute for employee awareness, education, and implementation of cyber security risk prevention. So what’s at risk when an organization isn’t properly prepared or trained?  In a recent PHI incident involving Fresenius Medical Care, they were forced to pay a $3.5 million settlement to the U.S. Dept. of Health & Human Services Office for Civil Rights after 5 separate breaches were reported, some of which included stolen laptops which, “failed to implement a mechanism to encrypt and decrypt ePHI.”

An Industry Transformed

Beyond improved patient data management, cloud-based solutions give the healthcare IT industry the potential to advance patient care overall when coupled with transformative technologies such as AI, blockchain, and robotics. The data collected from these technologies can be analyzed in such a way to create more effective, efficient, and personalized health care. Research has shown the global digital health market was strengthened in Q4 2017 due to increased focus on improving interoperability and analytics capabilities, accelerating regional innovation diversity, and other factors.

Still, there are plenty of opportunities for IT to impact healthcare, most notably with mobile devices, especially when you consider the rapidly increasing use of mobile technology in healthcare today. Advantages include reduced errors in medication and labeling, improved communication between staff, and comprehensive improvement and cost reduction in patient care. Ninety-eight percent of clinicians are expected to use mobile devices by 2022, with adoption of mobile technology to expand to pharmacists, lab technicians, and eventually patient participation to provide a more holistic patient care experience. As these devices continue to grow in usage and as data flows at an increasingly higher rate, it’s more important than ever to have security strategies in place that can handle the volume, connectivity, and security required to deliver a safe, secure, and seamless experience for the healthcare user.

Regarding labs, North America is currently dominating the global market in Laboratory Information Systems which provide data in diagnosing, treatment, and illness prevention. The market’s growth is set to hit almost $2 billion by 2021, but not without a few challenges including high costs of lab information systems and, again, the lack of skilled healthcare IT professionals. The Harvard Business Reporter stated, “Relatively few organizations have taken the important next step of analyzing the wealth of data in their IT systems to understand the effectiveness of the care they deliver. Put differently, many health care organizations use IT as a tool to monitor current processes and protocols; what only a small number have done is leverage those same IT systems to see if those processes and protocols can be improved.” As data storage, processing, and portability requirements continue to grow in the laboratory market, security must remain a top priority; especially with the sensitive nature of the information regarding diagnosis, lab results, and personal PHI. If not implemented correctly, the effects of poorly managed cloud security can be disastrous.

Multi-Cloud, M.D.


Due to the varied nature of the services provided by the healthcare industry and the integration of mobile technologies, a solution based in the multi-cloud is best suited to meet the needs and demands of both practitioner and patient. But the healthcare industry is a unique case, because it has its own Internet of Medical Things (IoMT), connected medical devices like wireless heart monitors, glucometers, and other health-centric smart applications that, while convenient, are vulnerable to data breaches in the cloud. As more healthcare IT systems transition to the cloud, a thorough network-wide risk analysis is needed to ensure the unbreakable security and availability of their infrastructure. Once a secure framework has been established, healthcare IT systems can adapt, integrate, and automate these new technologies into their daily workflow.

Want to ensure that your infrastructure is completely secure and compliant? Contact a Ntirety Expert for a free risk assessment today.