Healthcare News & Insights

7 questions to ask cloud computing vendors

Like in other industries, many healthcare organizations are turning to cloud computing for some of their IT services. But the Cloud can increase security risks, especially in health care, so due diligence when choosing vendors is imperative. 

In addition to the 33% that are already using the Cloud, just under half (48%) of healthcare organizations say they plan to use cloud computing services as part of their IT infrastructure in the near future, according to one recent survey. And in another poll, 71% of providers said they were currently using or considering cloud computing services.

Many organizations, especially smaller providers, are implementing cloud-based EHR systems. Those are often easier for smaller organizations to adopt, because there’s less of an upfront cost involved and less of a need for in-house IT expertise to install and maintain the system.

Healthcare organizations are also turning to the Cloud for email, image archiving, general storage and other IT services. That can help firms save money and make managing the IT infrastructure easier.

However, cloud computing can create new risks for organizations. Most importantly, many providers and hospitals are concerned about the security dangers of moving sensitive patient and other data off of their own networks and onto those of other companies.

To minimize the security risk, here are some questions healthcare organizations should ask cloud computing providers:

  1. What policies are in place to protect data — for example, how does the provider vet employees who have access to clients’ data?
  2. What’s the vendor’s privacy policy? Which employees are allowed to access customer data, and what controls are in place to keep data away from those without authorization?
  3. What technology is used to keep one client’s data separate from others’?
  4. What encryption protocols does the vendor use to protect data?
  5. How does the vendor notify customers of a data breach? Are all customers notified, or just those affected by the incident?
  6. How is data backed up? How many copies does the vendor make and in what geographical location are they stored?
  7. How and how often does the vendor audit its security? Is it possible for customers to perform audits?

For help choosing cloud computing providers, check out IT Manager Daily’s 21-point checklist for moving to the Cloud.

Subscribe Today

Get the latest and greatest healthcare news and insights delivered to your inbox.