Healthcare and the Cloud: Security of Health Information
Volpara takes an aggressive stance on information security, partnering with Microsoft Azure to offer continuous security-health monitoring.
By Paul Clancy
Chief Information Security Officer
Over the last decade, the cloud has gradually entered the public consciousness as a new frontier in information technology. However, far from being brand new, cloud computing has been around since the 1960s, and is an evolution from grid or distributed computing as it was known in those days. Trusted brands such as Apple, Microsoft, Amazon and Google have invested significant R&D efforts in perfecting the technology from at least the early 2000s. Even everyday sites including Facebook and Gmail are cloud-based services, and each handle sensitive personal information on behalf of consumers in the form of opinions, photos and private email.
So, how does the cloud affect us as consumers and as businesses? Can we be assured that our patients’ personal data, and even our own information, such as photos, emails and health records, are being protected? And can our patients and stakeholders trust healthcare providers to responsibly manage risks inherent to cloud-based information storage?
A force for good: the cloud and healthcare
In terms of healthcare, the cloud is here to stay. In 2015, the sector in the US spent $3.73 billion on cloud services, a figure that is projected to rise to $9.5 billion by 2020. It is an inevitable part of present and future data storage, and while healthcare providers recognise the huge upside in cloud storage, they are right to remain vigilant about risk management around how customer information is used and held.
As hospitals and healthcare providers increasingly turn to cloud-based services for back office functions, such as email and patient record storage, there is also a shift towards improving research capabilities and developing new treatments and personalised medicine. Laboratories studying the genetics of disease use the cloud to access high-quality, detailed data from higher numbers of patients, and renowned medical institutions, such as the Icahn School of Medicine at Mount Sinai, are researching breast and ovarian cancers using cloud-based platforms to observe patient information on an unprecedented scale.
This type of research is part of Volpara Solutions’ long-term strategy. We see enormous potential in having the ability to compare vast amounts of mammography data and the use of proprietary algorithms and machine learning to search for patterns that could lead scientists toward possible causes for breast cancer.
Where does Volpara fit in?
As a forward-thinking digital health services provider, Volpara naturally produces software and analytics products that depend on cloud services. The cloud allows us to provide multiple services that revolutionise the way breast imaging providers operate, helping them detect breast cancer earlier, giving clients of all sizes access to powerful clinical and research tools and allowing for rapid quality control checks of images. We understand that nobody wants to have to recall patients to have a mammogram redone due to poor quality images and the effect quality has on cancer detection rates.
As mammography information is collected and analysed via the cloud, we can provide clinicians with the tools required to compare patient populations and stratify their patients based on their unique body types. Perhaps even more importantly, Volpara’s products enable healthcare providers to personalise screening for each patient, or determine the correct levels of breast compression required in an individual’s future mammograms to reduce the pain or discomfort associated with mammography.
Is our information safe?
Broadly speaking, personal health records are safe in the cloud. Significant time and R&D dollars have been spent on security by some of the world’s largest and most highly regarded brands. The well-publicised breaches we hear about, such as leaked celebrity photographs, are almost always due to hackers circumventing personal security, usually passwords, rather than the cloud itself.
Responsibility for best-practice cloud security falls to the cloud services provider, but also to each hospital, healthcare provider or imaging centre. Depending on a customer’s geographic location, security requirements differ. Our customers in Australia and New Zealand comply with specific privacy acts, US customers are bound by the requirements of HIPPA, HI-TECH and the FDA’s cyber security recommendation, and European customers are governed by ISO27001 certification.
Guided by these regulations, healthcare organisations using Volpara technology have strict controls in place to manage their security, including stringent user authentication procedures; a strong deterrent to would-be hackers. As an extra protective measure, patients’ personal information is protected with military-grade encryption; that is, segmented into chunks of information that would be useless if accessed in isolation.
The onus is on Volpara to be safe with the data that is entrusted to us, and so we take a very aggressive stance on security. We partner with Microsoft Azure, which prides itself on being the only public cloud platform to offer continuous security-health monitoring.
Cloud-based technology is an exciting new frontier for the healthcare sector and represents vast opportunity. Volpara is proud to be a leader in the field, providing our customers with new possibilities for personalised medicine and streamlined clinical operations. Cloud services offer important implications for medical research and the development of new treatments, and we value being a trusted partner to the many organisations working towards better outcomes for patients.