sakura - Fotolia

HIPAA-compliant cloud storage seen through my kid's data

For many of us, viewing and downloading family medical records from the cloud brings a sense of what HIPAA protection involves. Our new handbook looks at this concern.

I had a chance to download some of my son's electronic medical records from the cloud of a big Boston health system.

The data was mainly bloodwork results, which sure seems like a logical use of cloud storage. I suppose a cybercriminal prowling the web might find some of the information in the records valuable -- for example, the brands of allergy medicines a kid might take.

It's at this point that HIPAA-compliant cloud storage comes into play for providers, which is the theme of our SearchHealthIT handbook about healthcare cloud storage technology.

Audits hopefully fend off breaches

As Uncle Sam continues to pursue HIPAA audits of healthcare organizations -- see News Writer Shaun Sutner's piece on the government's audit protocol in this handbook -- healthcare organizations must show they conduct related risk assessments, including for third-party HIPAA business associates.

Meanwhile, as a parent, I would not be happy if I discovered that I could not access my son's records in the event of a data breach, such as a ransomware attack.

Healthcare organizations must show they conduct risk assessments, including for third-party HIPAA business associates.

Part of HIPAA-compliant cloud storage also reaches into disaster recovery steps, as Sutner outlines in a follow-up story. A health system he talked to keeps backup locations at two hospitals and also uses an off-site colocation center with other organizations.

Although I am not employed by the federal government, I suspect a HIPAA auditor would approve of the type of setup described above.

Finally, contributor Reda Chouffani wraps up the handbook by examining the pros and cons of personal cloud storage used by clinicians.

Don't overlook expediency of cloud storage

While IT departments are rightfully on guard to defend HIPAA-compliant cloud storage, such services -- when maintained properly -- can bring cost savings to hospitals and practices.

I'd add convenience to the list of benefits, too, given that I downloaded years' worth of my child's health exams in about 30 seconds. The reward in this case is clear; the risks may be less certain, although we all know they exist.

As time passes, the cloud contributes more and more to our everyday lives. I speak, if not for everyone, then for many healthcare consumers who appreciate the technological steps providers are taking to keep cloud storage safe.

HIT Squad digs into HIPAA audit prep

Next Steps

Expert explains why hospitals are a ransomware target 

Take these steps after a ransomware attack

In some cases, flash storage pulls ahead of the cloud at hospitals

Dig Deeper on Health care cloud applications and services