Keep Healthcare Data Safe and Compliant in the Cloud
•
0 likes•404 views
Kurt Hagerman gave a presentation on the HealthData RepositoryTM and how it addresses key challenges for healthcare organizations. It provides security through multi-layered defenses that meet regulatory requirements. It simplifies compliance through a HITRUST certified infrastructure. It ensures constant high performance and scalability of resources through proprietary technology. It also offers 24/7 support and business continuity through fully redundant infrastructure that can be configured to meet any uptime needs.
Recommended
More Related Content
What's hot
What's hot (16)
Viewers also liked
Viewers also liked (15)
Similar to Keep Healthcare Data Safe and Compliant in the Cloud
Similar to Keep Healthcare Data Safe and Compliant in the Cloud (20)
More from Armor
More from Armor (20)
Recently uploaded
Recently uploaded (20)
Keep Healthcare Data Safe and Compliant in the Cloud
- 1. Special Presentation: HealthData Repository™ Deconstructed Keep your data safe in the cloud Kurt Hagerman, CISO
- 2. Today’s Speaker HealthData Repository™ Deconstructed Kurt Hagerman Chief Information Security Officer Kurt Hagerman oversees all compliance related and security initiatives. He is responsible for leading FireHost in attaining ISO, PCI, HIPAA and other certifications which allow FireHost customers to more easily achieve their own compliance requirements. He regularly speaks and writes on information security topics in the payments and healthcare spaces, as well as on cloud security.
- 3. Agenda • Security & Compliance Challenges in Healthcare IT • Principles & Approaches to Address Challenges • Who Cares? • What is The HealthData Repository™? • Addressing: • Security • Compliance • Performance • Service • Business Continuity • Questions & Answers HealthData Repository™ Deconstructed
- 4. Security & Compliance Challenges in Healthcare IT Business Continuity & Disaster Readiness Are vital for organizations handling sensitive data Security Is critical as cyber threats become more sophisticated Compliance Is difficult & complex Performance Organizations need peak performance and 24/7 data availability Expert Service Is required to manage security to meet the compliance requirements HealthData Repository™ Deconstructed
- 5. Principles & Approaches to Address Challenges HealthData Repository™ Deconstructed Security Zoning Data Isolation Lack of Security Expertise
- 6. Hospitals, Clinics & Healthcare Professionals Healthcare IT Consultants Cloud Application Vendors Clinical R&D Service Providers Who Cares? HealthData Repository™ Deconstructed
- 7. What is a HealthData Repository™? HealthData Repository™ Deconstructed
- 8. Addressing Security Solution: The HealthData Repository™ provides multi-layered security that meets or exceeds enterprise best practices and regulatory requirements. Pain Point: Security is critical for cloud environments – especially for any organization that handles sensitive patient or medical data. • Defense in Depth • Security Ecosystem • Intelligent Security Model™ HealthData Repository™ Deconstructed
- 9. Addressing Compliance • Lower costs, lighter impact on staffPain Point: Meeting HIPAA regulations is difficult & complex. • HITRUST certified infrastructure for faster audits • Reduced procedural documentation and policies • Helps customers de-risk their own environment • Restricted access to sensitive data Solution: Reduce compliance scope by putting data in a vault to keep you protected and auditor-ready. HealthData Repository™ Deconstructed
- 10. Pain Point: Organizations need 24/7 access to healthcare data, and frequently overbuy to ensure their peak loads are handled. Addressing Performance Solution: The HealthData Repository™ scales resources to meet high demand when you need it, and save money when you don’t. Data always remains available. • Highest performing private cloud infrastructure • Scales to match your demands • Proprietary FluidScale™ technology HealthData Repository™ Deconstructed
- 11. Pain Point: Difficulty juggling variety of healthcare IT demands. Segment resources to handle compliance and security. Addressing Service Solution: Allows companies to reduce compliance and security efforts & focus on core business functions instead. • Simplified daily operations • Limited liability and activity from “everyday” security incidents • Supported 24x7x365 by consultative and proactive experts HealthData Repository™ Deconstructed
- 12. Addressing Business Continuity HealthData Repository™ Deconstructed • Fully redundant and highly available Pain Point: Healthcare IT applications can’t afford downtime – they must protect their patients and data by maintaining business continuity. Solution: The HealthData Repository™ is naturally highly redundant and can be adjusted to match any level of local and geographic uptime requirements. • Can be configured to meet your specific business continuity requirements
- 13. Who Provides This? HealthData Repository™ Deconstructed
- 14. Questions & Answers Thank You Email sales@firehost.com Phone +1 877 262 3473 HealthData Repository™ Deconstructed
Editor's Notes
- Neil: Hello there and thanks for joining us. Today we’ll be taking a close look at the HealthData Repository and talking about all of the ways it can help your organization remove your risk, simplify your compliance and boost your cloud performance. We’ll leave some time at the end to take your questions, and you can also submit questions during the webinar through the chat feature. To mute your phone, <instructions>.
- Neil: I’d like to introduce our speaker today. I’m Neil Wu Becker and I’ll be moderating our discussion. You’ll also be hearing from Kurt Hagerman, FireHost’s Chief Information Security Officer, on the specific security and compliance pain points your healthcare organization might be dealing with and how the HealthData Repository can help.
- Neil: Now let’s take a look at our agenda today. We’ll be talking about typical healthcare IT challenges for organizations that handle sensitive medical and patient data. Then we’ll talk about what The HealthData Repository is, how it works and who can use it to solve their compliance and security challenges. Then we’ll move on and explore each of the solutions the HealthData Repository offers. Finally, we’ll have some time at the end to take your questions live.
- Security is critical as cyber threats become more sophisticated Compliance is difficult and complex Organizations need peak Performance and 24/7 data availability Expert Service is required to manage security to meet the compliance requirements Business Continuity & Disaster Readiness are vital for organizations handling sensitive data
- Neil: Kurt, I’ll turn the discussion over to you as we talk about those common challenges in Healthcare IT. Kurt: Thanks, Neil. Whether you’re a hospital, insurance carrier or IT consultant, compliance and security are no doubt your top priorities. Getting HIPAA compliant can be especially challenging for organizations. Security is probably the most major challenge of all. Cyberthreats keep getting more sophisticated and hackers keep getting more cunning and creative. Organizations must protect their patients’ data. Performance is another challenge. Companies with variable traffic often overbuy just to make sure their peak loads are handled. And healthcare organizations have to have their data accessible at all times. That brings us to Service. Organizations often have difficulty juggling all of the business demands on IT and have to segment resources to handle compliance and security. Finally, part of protecting your environment is making sure you have a strong Disaster Prevention plan, with uptime and business continuity in the event of a crisis. I’m sure many of these sound familiar. And that’s where the HealthData Repository comes in – a game-changing solution for keeping healthcare data safe in the cloud
- Neil: Kurt, who exactly can use the HealthData Repository? What kind of organization is going to benefit from this? Kurt: If your healthcare application or database deals with regulated EHR and PHI data, HealthData Repository is for you. Let’s talk about some real-world examples of what customers are experiencing out there and how this brings them faster audits, lower costs and reduced risk. Hospitals, Dentists and Clinics – any organization providing patient care has significant HIPAA compliance and security needs. Think about the data involved here – test results, diagnostic codes, patient birthdates and billing information. Your average healthcare organization has to protect all of this data while maintaining uptime and performance – physicians need that data to make life or death decisions. Cloud Application Vendors – when it comes to providing EHR solutions, costs, security requirements and compliance complexity can stall development. HealthcareData Repository can reduce risk and compliance scope with enterprise security and a HITRUST certified cloud. It offers agility and cost-effectiveness for next-gen technologies, all while offering the highest levels of security for HIPAA and other regulatory compliance. Healthcare IT Consultants need to provide HIPAA compliance and security for their clients while facing pressure to reduce costs. HealthData Repository™ offers a secure, agile and affordable cloud that reduces risk and provides the security needed to comply with HIPAA and other regulatory requirements. Clinical R&D Service Providers need security for large infrastructures and are also under pressure to reduce cost and accelerate delivery. HealthData Repository™ dramatically reduces provisioning time and hosting costs to support field clinical trials, while maintaining data sovereignty and reducing risk. So you can see that really any organization that handles sensitive data can use The HealthData Repository to eliminate their compliance headaches and enjoy a smoother, safer cloud environment. There’s no need to hire additional staff to manage it or train on compliance regulations – we take care of that for you.
- The HDR is a HITRUST certified cloud infrastructure that helps healthcare organizations deploy a secure and scalable data repository. The result = reduced scope for compliance and faster audits for overall lower cost, while increasing security. Multi-layered security in the cloud. Isolated environment decouples data Restricts administrative access Protects regulated patient and medical data Strengthens organization’s reputation Faster audits. Reduced risk. Stronger performance. Reduced compliance scope for audits Simplified compliance processes (time, effort, and cost) Scalable, flexible options to meet variable demands Helps organizations de-risk their environment
- Neil: Now let’s take a look at some specific pain points your organization may be struggling with – and how The HealthData Repository can solve them. Security is always on everyone’s mind. Cyberthreats are always evolving and criminals know healthcare IT is a rich source of data. Kurt, can you give us more detail on how HealthData Repository provides multiple layers of security? Kurt: Sure. Healthcare clouds must be secure – there’s no way around it. Patient records, medical data, billing information – all of this is subject to regulation. But many organizations just don’t have the specialized tools and security experience needed for that level of advanced protection. HealthData Repository provides multiple countermeasures like Web application firewalls, IP reputation management, DDos mitigation and isolated SAN – and then it goes a step farther by providing a safe “vault” for your regulated data. Because that data is decoupled from the regular IT environment, it’s removed from typical active directory permissions and common or expected data center locations – it stays protected even in the event of attack. Even administrative access to that data is restricted, with controls that allow a special, segregated set of access permissions. Patients are fully protected, while providers enjoy uptime and immediate access to critical data. The HealthData Repository is such a convenient tool for businesses that can’t manage this kind of protection in-house. You don’t need to hire additional staff and keep training them to understand the latest security techniques. We offer all of it and manage it for you.
- Neil: What about compliance? Obviously the price of a breach can be catastrophic – from brand damage to lost data and heavy fines, and of course, the loss of patient trust. But we’ve also talked about how HIPAA isn’t that prescriptive, and trying to keep up with the latest recommendations and implement the right security controls can leave organizations confused. Kurt: Neil, you’re correct – compliance is a major challenge for many healthcare IT organizations. That’s why Gartner recommends The HealthData Repository <I know they recommended Payment Island – can we say this about HDR?) –it makes compliance simple by reducing your risk, preventing fines and protecting your brand reputation. Because data is decoupled from your IT environments, your entire compliance scope is reduced. You stay auditor-ready, your staff’s burden is lightened, and audits go faster and at a lower cost. I also want to say that the HealthData Repository is backed up by specialized compliance tools and 24/7 support by certified experts. Because FireHost understands the latest compliance requirements like the back of our hand, our customers can have the peace of mind of knowing they’re meeting all the necessary regulations.
- Neil: so let’s talk about performance. I know this is very important in healthcare IT – physicians and other providers need access to medical to make critical decisions. Kurt: That’s right, Neil. Organizations also experience variable traffic, so performance is a big challenge. To prepare for the high traffic times, these organizations often buy enough infrastructure for their highest peak load – and as a result, they overpay and overbuy. The HealthData Repository eliminates latency and scales to provide resources on demand - you pay only for what you need instead of wasting money on what you don’t. You get consistently high speed and performance. - since the cloud infrastructure is virtualized, your application and database will be protected from volatility with multiple intelligent scalability options. Everyone gets access to the data they need it, when they need it. Autoscale - lets IT administrators pre-set parameters to add memory and processor resources to secure servers whenever they’re needed - without any human intervention. This is a fantastic solution for businesses that experience unexpected spikes or surges outside of normal business hours. FluidScale - provides all the benefits of Autoscale – but enabling FluidScale takes it a step further so you no longer need a reboot to add those memory and processor units. This gives end users an even smoother experience, since it eliminates error messages and slow response times.
- Neil: A common problem we hear from healthcare IT organizations is that they just don’t have the right staff or technology to manage all of this. They juggle so many business demands on IT and end up segmenting resources to handle compliance and security. Kurt: Neil, you’re correct. The HealthData Repository is designed as a one-stop solution that takes care of all security and compliance needs. This is fully managed service and support you’re getting – which means your organization can reduce specialized compliance/security efforts and focus on your core business functions, ultimately delivering better patient outcomes. FireHost monitors both macro trends in attack vectors as well as regulatory changes. Our consultations and dashboards provide the real time information needed to keep you compliant and protected at every moment. We do the work – and you enjoy multi-layered security, simplified processes and reduced compliance scope.
- Neil: Outages are always a problem when they happen - and we know from experience that they’ve happened to major brands like Twitter, Dropbox and Google. Not only are they expensive, but they can have a life or death impact in a healthcare environment. Whether it’s a natural disaster, outage or a breach, healthcare organizations must keep critical systems up and running. Kurt: That’s right. Every second counts when it comes to accessing medical data in the cloud. Organizations need consistent performance and reliable security. Because the HealthData Repository is highly redundant, it keeps system up and running. Redundancy is maximized with geographic uptime – and organizations can maintain business continuity even in the event of a disaster.
- Neil: Now that we’ve taken a look at the insecurity complex rampant in the industry, let’s hear your questions. If you have any security challenges that you’re facing with your provider, let us know and we’ll talk about the right actions to take. Just use the chat feature to submit your questions.