From the course: Cloud Security Considerations for the Healthcare Industry

Examine security requirements

- [Instructor] Let's take a look at how healthcare organizations approach data security. This information was drawn from primary research on the views of enterprise chief information security officers in the healthcare industry vertical, collected by the National Security Institute and Dell Corporation in the spring of 2015. More detailed information is available in Practical Cloud Security: A Cross Industry View, published by CRC Press and available in bookstores and online.

Healthcare organizations place their highest priorities around serving the needs of patients and the delivery of the care that they need. But at the same time, they operate within the limitations of a maze of regulatory and compliance requirements, like the Health Insurance Portability and Accountability Act, or HIPAA, as well as the Health Information Technology for Economic and Clinical Health Act, or HITECH, in the United States, and the need to safeguard electronic, personal, healthcare information. Common to these requirement sets is the need to encrypt data at rest and implement secure access controls to the encrypted information. An additional safeguard to protect data at rest from data breaches is the incorporation of monitoring access patterns to protected data by those who used protected information as part of their work.

Retail pharmacies are in the uncomfortable position of needing to comply not only with PCI DSS standards, but also the need to protect their organizations from violation of government data breach statutes. They also must meet food and drug regulator requirements for ensuring the trustworthiness and reliability of electronic records and signatures. Consequently, retail pharmacies face not only the risk of financial forensic and credit monitoring cost of fines, but also the likelihood of class action lawsuits, new legal precedents, and an extraordinarily negative impact on long-term reputation, customer trust, and sales because of the very personal nature of the patient healthcare information.
