The adoption of AI, the Internet of Things (IoT), big data, and analytics in the healthcare industry continue to gain speed and become more prevalent in 2018. Fueled by cloud technology, these advances are possible. And thanks to mobility, wearables, and the availability of electronic health records (EHRs) online, more effective outcomes are possible for caregivers, patients and providers. However, when you combine data management with growing security threats, IT teams and their data center partners must overcome the challenges of keeping sensitive data safe. Let’s explore the major healthcare data center trends impacting the industry in 2018 and the challenges they must overcome.
Increase in Cloud Computing Equals Increase in Data Center Capabilities
The average healthcare organization uses a little over 900 different cloud-based services—and only a fraction of those are vetted by their IT department. The global adoption for healthcare cloud services is predicted to reach about $10 billion by 2020.
With this increase, it’s imperative that data center providers find new ways to improve the security of cloud environments, enable hybrid connectivity that facilitates both private and public cloud use, and eases the pain of data management and protection for customers.
Data centers with hybrid capabilities allow customers to become more efficient, increase and scale services easily, and improve their overall economics. According to Gartner, by 2020, 90 percent of organizations will adopt a hybrid infrastructure:
“Organizations that adopt hybrid infrastructure will optimize costs and increase efficiency. However, it increases the complexity of selecting the right toolset to deliver end-to-end services in a multi-sourced environment.”
Data Center Security Is More Important Than Ever
Data center security remains a top concern for healthcare IT pros, and with good reason—EHRs are very attractive to hackers and data centers are a prime target. As a result, data centers must continually invest in best practices covering technology, people, and processes for security.
When it comes to cloud computing, providers must invest in a multi-layered approach to security—file encryption, intrusion detection, firewalls, user access controls, and two-factor authentication are just some examples that secure your cloud environment and help meet compliance standards. Cybersecurity should be treated as part of your governance, risk management, and business continuity efforts, and your data center provider is a critical part of the equation. Any gaps in security are vulnerabilities that are waiting to be discovered by cybercriminals.
Why Healthcare Data Centers Remain a Top Target for Hackers
The danger of security breaches and ransomware attacks is omnipresent, especially for healthcare organizations. The stakes are extremely high, as people’s lives are at risk. Hackers’ ransomware attacks are more likely to succeed because hospitals, medical practices, and other health organizations are on the hook for keeping people healthy and out of danger. Naturally, these organizations more likely to take immediate action and pay the ransom rather than go through a long recovery process from backups.
“Healthcare records are worth exceedingly more than, say, credit card data because they aggregate lots of information in a single place,” says Perry Carpenter for CSO. It’s a one stop shop for all the data cybercriminals need to steal your identity.
Personal data may include social security numbers, dates of birth, addresses, driver’s license numbers, health insurance information, and even credit card information; ePHIs are the perfect vehicle for cybercriminals to launch phishing schemes or steal identities.
Data from the 2017 IBM Security/Ponemon Institute Study showed that while the costs of a healthcare data breach have lowered slightly, they are still higher than breaches associated with any other industry. The average cost of a healthcare data breach is $380 per record, while the global cost per record for all other industries is about $140 per record. In 2017, the biggest healthcare-related data breaches impacted an array of targets, including teaching hospitals, Anthem BlueCross BlueShield, urology practices, MondoDB, and pediatric offices (where patient records of some 500,000 children are available for sale on the dark web. So far this year, we’ve experience no shortage of events. Hacking, malware infections and ransomware attacks affect more records than other types of incidents.
Wrangling Growing Data
By 2020, it’s expected that big data spending in healthcare will reach the billions. Fueled by mobility, connected devices, wearables, mHealth and empowered patients, there’s an explosion of data that is no small undertaking to manage, protect, and put to use.
Organizations are increasingly reliant on data center partners to help ease the pain of big data management and protection. Your data center partner should help you devise a plan for secure data storage, access, analytics and reporting, as well as data replication and backup for redundancy. Business continuity and disaster recovery strategies can leverage virtualization and automation software to simplify the process. Look for providers who offer expertise in the protection of ePHI, understand compliance requirements, and specialize in managed security services and disaster recovery.
Mitigating Risk—What to Look for in a Data Center Partner
Knowing what kind of security services your data center provides, and what kind of technology they use for physical and logical security is important when selecting a data center provider. Ask how they thwart cyberattacks, what mitigation strategies they invest in for themselves and their customers, and how they enable a hybrid infrastructure. Earlier we touched on logical security for cloud environments, but let’s not forget that physical security is required for all types of infrastructure.
Find a provider that takes a multilayer approach with strong physical security measures and accreditations validating their compliance controls. How do they secure backup tapes, recovery drives and other methods for redundancy? What about entire racks? Data center and cloud providers should leverage security measures such as setbacks, fencing, active guard patrols, ID checks, video monitoring, and biometric access control.
Consider that technology is just one part of risk management and compliance. The people that have access to your data and systems they controls are equally important; taking a methodical approach is always encouraged, so your employees, data center partner, and other vendors are all on the same page about the processes and policies you will use to keep your patient information safe.
Your data center partner should hold certifications and be compliant in HITRUST CSF, PCI, HIPAA/HITECH, SOC 1, SOC 2, EU-U.S. Privacy Shield and more. Working with a vendor partner who lives and breathes HIPAA compliance and who offers state-of-the-art managed security services can help with the increase in security needs while also giving you peace of mind.
Your ability to leverage new trends in healthcare IT directly affects the value you’re able to deliver to patients. Don’t let the tenacity of cyber thieves or malicious insiders threaten the success of your organization. Proactively work with a data center partner that will support your goals, keep you compliant, and maintain security across your environment. Speak to one of our healthcare IT experts today to discuss your challenges and data center needs for 2018.