Data security became front and center in 2017, and it will continue to remain top of mind for organizations everywhere. Those that collect personal data, such as healthcare providers, are held to an even higher standard and need to stay vigilant in their security practices and infrastructure.
When you’re in the business of saving lives and improving wellbeing, ensuring that sensitive data is well-protected comes with the territory. It’s not just the right thing to do—it’ll cost you if you don’t. A recent study found that the cost of the average data security breach in healthcare is $380 per record—more than 2.5 times the global average across industries. Healthcare providers also amass volumes of financial and employee data that could have huge implications if compromised.
While some healthcare providers indicated that they are confident in their ability to keep their environment and protected health information secure, these security measures may not be sufficient. PwC’s “Top health industry issues of 2018” report finds: “While 95 percent of provider executives think their practice is secure against cybersecurity threats, just 36 percent of providers and payers have access management policies in place, and 34 percent have a cybersecurity audit process in place.”
Today’s Security Threats Call for New Approaches
At the same time, healthcare organizations are increasingly adopting new cloud-based technologies as changing regulations, business models, and patient demands disrupt the industry. KLAS Research found that “70 percent of healthcare organizations have moved at least some applications or IT infrastructure off-premises, and their future plans lean heavily toward the cloud.” The survey of 144 U.S.-based healthcare organizations revealed that 17 percent of respondents have shifted their enterprise resource planning or human capital management applications off-premise, with the majority using a hosted deployment.
In addition, Deloitte’s “2017 Survey of US Health System CEOs” found that forward-looking CEOs are investing in technologies such as cloud solutions to enable access to continually updated systems, rather than housing, maintaining, and updating complex health information technology systems on-site.
Yet those aren’t the only advantages. The shift from legacy on-premise systems to cloud platforms is bolstered by a cloud system’s ability to quickly adapt to security threats. When security risks arise, a cloud provider can release fixes and features for all customers at the same time.
This agile model can also evolve as customer needs change. For instance, Workday’s single security model provides always-on auditing and encryption for sensitive finance, HR, and supply chain data, and is configurable for each healthcare organization’s needs.
Building a Culture of Security
Of course, an organization’s security practices are only as strong as its weakest link. “Current employees remain the top source of security incidents,” according to PwC’s “The Global State of Information Security Survey 2018.” Josh DeFigueiredo, Workday’s chief trust officer, has emphasized the importance of building a culture of security within your organization. He explains that security is everyone’s responsibility, and organizations should continually work to increase cybersecurity awareness, provide training, and conduct phishing exercises to educate their employees.
As healthcare data security continues to be a top priority, healthcare leaders are increasingly embracing the benefits of the secure cloud for some of their most vital business processes. The right tools, coupled with a culture of security, are the way forward for healthcare organizations that want to thrive in a rapidly changing industry.
Attending the HIMSS 2018 conference, March 5-9? Visit Workday at booth #12207 to learn more about how healthcare providers are leveraging the secure cloud in healthcare. You can also join Joe Wilson, Workday’s chief technology officer, North America, for his session at HIMSS 2018, “Managing Risk in the Cloud.”