Considerations for Securing Medical Research in the Cloud

Credit to Author: Susan Biddle | Date: Fri, 26 Jan 2018 13:45:59 +0000

The digital transformation of healthcare has had far-reaching effects on patient care. Telehealth and connected devices have changed the way patients and physicians interact and create treatment plans, while workflow management solutions have made care providers more organized and efficient. While technology continues to improve day-to-day interactions and the overall patient experience, behind the scenes it’s also transforming how medical research is conducted, providing capabilities that were previously impossible for research teams. This is in large part thanks to the capabilities of the cloud.

Cloud Use in Medical Research

Medical research and pharmaceutical facilities are adopting IaaS, PaaS, and SaaS cloud environments for multiple reasons. Instances of cloud computing in research environments are likely to grow based on these five key benefits:

  1. Data Analytics

The cloud has given medical research facilities the ability to correlate massive amounts of data at an unprecedented rate, providing actionable information without the need for additional specialized equipment or staff. These computing capabilities allow researchers to analyze structured and unstructured data collected across various devices, enabling them to make informed decisions about treatments plans faster and more accurately. As a result, fifty-nine percent of health IT leaders intend to adopt cloud solutions to support big data analytics.

  1. Scalability

The proliferation of connected medical devices has yielded massive amounts of data that must be stored and accessed for research purposes. The scalability of the cloud enables researchers to continue to collect and store this data in a cost-effective way, without a negative impact on performance.

  1. Cost Efficiency

Cloud use, especially in instances of IaaS, drastically reduces the upfront costs of research that would otherwise require building comprehensive datacenters and storage capabilities. Rather than having to build out this infrastructure themselves, research facilities can delegate it to third-party cloud providers, thereby reducing the cost of entry and making research more accessible.

  1. Collaboration

Clinical research often requires input and participation across different research teams and experts distributed across a variety of locations. The cloud facilitates collaboration between geographically dispersed teams through simplified data sharing, while allowing members of these different research teams to instantly access critical information from any device.

  1. Speed

Cloud computing allows data to be available in real-time with minimal downtime, giving research teams the ability to process results and make fast decisions as new information comes to light.

While the cloud offers huge benefits in this area, research facilities that wish to take advantage of cloud offerings also have to ensure that data stored in cloud environments remains secure and is compliant with all applicable regulatory standards.

Securing Medical Research in the Cloud

Using the cloud to support medical research means storing the protected health information (PHI) of patients in a third-party database. This makes healthcare clouds high-value targets for cybercriminals looking to steal and sell the personal information of patients on the dark web. In addition to targeting PHI, cybercriminals may also target research in order to steal intellectual property.

To fully leverage the power of the cloud for research – without compromising patient privacy or original findings – medical research facilities need to deploy dynamic cloud security controls designed to adapt and scale as cloud usage expands. These controls should also incorporate application and DDoS security to ensure cloud-based apps cannot be exploited for network entry, or to knock organizations offline. To provide this level of security, healthcare organizations need to employ internal segmentation to enhance data visibility in the cloud and isolate threats, while maintaining consistent controls between on-premise, remote device, and cloud-based security solutions.

Fortinet’s Cloud Security Solutions integrate seamlessly with the Security Fabric to provide broad visibility and scalable protection across public, private, and hybrid clouds, including advanced segmentation and application protections.

Healthcare Compliance in the Cloud

In addition to securing intellectual property and PHI, integrated cloud security controls allow healthcare organizations to ensure they maintain compliance with critical industry regulations such as HIPAA or GDPR. While cloud service providers may include a basic set of built-in security features, medical organizations are ultimately responsible for ensuring compliance and maintaining the consistent protection of data and PHI.

This means that medical researchers storing PHI in the cloud need additional controls that provide deep visibility into data movement and accessibility and granular, integrated controls to ensure security and compliance as data moves between cloud environments, local networks, and remote devices, rather than risk fines for noncompliance.

Furthermore, research facilities also have to ensure that their cloud provider is capable of maintaining compliance with regulations across geographies. For example, if regulations prohibit data collected on citizens from leaving the country of origin, researchers will have to come to a cloud service agreement with their providers to ensure they do not store this data overseas. The current trend towards multi-cloud environments complicates security issues even further, as research teams and facilities will need to ensure consistent security posture and policy enforcement across different cloud ecosystems.

It is critical, therefore, that organization look to adopt security solutions designed to work seamlessly across an increasingly distributed and complex ecosystem of networked environments. Which is why Fortinet has designed our Cloud Security Systems to provide consistent protection and controls across devices and networks, combined with centralized management and orchestration, so organizations can easily and securely scale their networks and services.

Final Thoughts

The cloud is enabling medical research in many ways. However, storing valuable data in the cloud makes it a target for cybercriminals, and healthcare organizations are ultimately responsible for its security. In order to take advantage of the benefits the cloud has to offer simultaneously while maintaining privacy and compliance, additional security controls must be implemented across cloud environments.

Learn more about Fortinet solutions for healthcare

Download our paper on securing dynamic cloud environments.

 

 

https://blog.fortinet.com/feed