Using Cloud Backup to Protect Patient Information

The Health Insurance Portability and Accountability Act (HIPAA) requires organizations to implement contingency plans for securing their patient information and data. The objectives for the contingency planning include disaster recovery and data storage. These backup requirements are a helpful starting point for health-related organizations to build an cost-effective plan for storing and protecting their patient health information. 

Healthcare providers who engage in electronic transactions must insure privacy while also employing compliant backup methodologies to guarantee the access, portability and confidentiality of patient records. This means that organizations must be able to restore computer records after an emergency situation. They must also provide secure means for protecting patient health information and backup this data real-time on a continuous basis.

One technology that helps the healthcare industry address these HIPAA requirements is cloud-based backup. As we mentioned in an earlier post the cloud refers to technologies that deliver computing over a network as an on-demand service. The model allows for secure sharing of applications, resources and data with computers and mobile devices almost like a utility.

In order to support HIPAA compliance and be a relevant alternative for the healthcare industry  automated solutions must effortlessly and inexpensively achieve very high data reliability and security.  With a well-designed Cloud backup strategy, IT infrastructure can now dynamically change to meet evolving storage needs and security requirements.

Here are a few of the features  that should be included in a properly designed HIPAA compliant healthcare Cloud backup solution:: 

• Fully automated data backups for servers and desktops
• Off-site storage at highly-secured data centers
• Web-based management tools for immediate restoration of damaged or deleted files.
• Long-term storage available in accordance with HIPAA
• Data protection using compression and AES-256 bit encryption
• Integrity controls setup for data
• E-mail Archiving to ensure sensitive data is retained and backed up consistently
• Data availability enhanced with mirroring to secondary secure facilities.

Data loss can result in decreased productivity, patient / customer attrition and revenue loss. Contact IPLogic to discuss how to update your contingency plan and learn about how cloud-based backup and recovery can secure your patient information.

Tips for Securing Your Data

The information stored on you company’s network and computers significantly contribute to your competitive advantage. Data on your employees, finances, customer transactions and product capabilities are just a few of the items that contribute to your growth and success. With so much data being created daily, there is a growing need to be protected from loss or attack.

Network interruptions, cyber attacks and natural disasters can all threaten information security and contribute to data loss for the unprepared. The result is often costly and time-consuming to remedy. While there are plenty of beneficial resources third parties can offer to assist with protecting and backing up your data there are a few first steps you can take on your own.

Here are a few suggestions to get you started:

• Act on Update Reminders - Software updates often contain critical security patches so don’t hit the “remind me later” button. Instead, take the time to install the available updates immediately.
• Adjust Access Rights - You don’t need to provide all employees with the same levels of access. Take time to look at which levels of access are available then limit availability to job-related information and functions.
• Strengthen Passwords and Policy - Make the requirements for your employee’s passwords more complex. In addition, require that they change the passwords regularly.
• Embrace the Cloud - Cloud-based computing provides you with additional levels of redundancy for your data while also delivering IT resources to your employees quickly and reliably.
• Encrypt Your Data - Whether it is the information your employees put on a USB thumb drive or the data transmitted over a wireless access point use encryption to add an extra layer of protection. Use WiFi Protected Access (WPA) to lock down the wireless components of your network when possible.
• Update File / Print Sharing - Keep the File / Print sharing option on your file server. But it can be removed from all desktops and laptops to decrease vulnerabilities.

There are also plenty of free resources available that provide background information on data security as well as alerts related to current threats. Here are a few helpful sites to get you started:

• Cisco Security Advisories & Responses
• Trend Micro Security Intelligence & Current Threats
• CERT Security Publications & Alerts for Business
• Information Systems Security Certification Consortium Cyber Exchange

These are just a few initial steps you can perform on your own to begin to quickly implement a base level of security within your organization while also accessing a few online resources to become aware of existing threats. The next step is to contact us to discuss cost-effective services to protect and backup your data. IPLogic utilizes a combination of industry-leading technologies to offer secure email, web, access, mobility and data center.