HIPAA-compliant cloud storage seen through my kid's data
For many of us, viewing and downloading family medical records from the cloud brings a sense of what HIPAA protection involves. Our new handbook looks at this concern.
I had a chance to download some of my son's electronic medical records from the cloud of a big Boston health system.
The data was mainly bloodwork results, which sure seems like a logical use of cloud storage. I suppose a cybercriminal prowling the web might find some of the information in the records valuable -- for example, the brands of allergy medicines a kid might take.
As Uncle Sam continues to pursue HIPAA audits of healthcare organizations -- see News Writer Shaun Sutner's piece on the government's audit protocol in this handbook -- healthcare organizations must show they conduct related risk assessments, including for third-party HIPAA business associates.
Meanwhile, as a parent, I would not be happy if I discovered that I could not access my son's records in the event of a data breach, such as a ransomware attack.
Healthcare organizations must show they conduct risk assessments, including for third-party HIPAA business associates.
Part of HIPAA-compliant cloud storage also reaches into disaster recovery steps, as Sutner outlines in a follow-up story. A health system he talked to keeps backup locations at two hospitals and also uses an off-site colocation center with other organizations.
Although I am not employed by the federal government, I suspect a HIPAA auditor would approve of the type of setup described above.
Finally, contributor Reda Chouffani wraps up the handbook by examining the pros and cons of personal cloud storage used by clinicians.
Don't overlook expediency of cloud storage
While IT departments are rightfully on guard to defend HIPAA-compliant cloud storage, such services -- when maintained properly -- can bring cost savings to hospitals and practices.
I'd add convenience to the list of benefits, too, given that I downloaded years' worth of my child's health exams in about 30 seconds. The reward in this case is clear; the risks may be less certain, although we all know they exist.
As time passes, the cloud contributes more and more to our everyday lives. I speak, if not for everyone, then for many healthcare consumers who appreciate the technological steps providers are taking to keep cloud storage safe.
