Privacy and Security Policies for Healthcare Solutions on the Cloud

Size: px
Start display at page:

Download "Privacy and Security Policies for Healthcare Solutions on the Cloud"

Transcription

1 Privacy and Security Policies for Healthcare Solutions on the Cloud Karuna P Joshi, PhD University of Maryland, Baltimore County

2 Introduction Increasing adoption of technologies such as Electronic Health Records (EHR) to capture clinical data Mandate by Health Information Technology for Economic and Clinical Health (HITECH 09) act Variety of Medical records data can be aggregated and analyzed to personalize delivery of healthcare Huge growth in Medical/healthcare data in coming decade Cloud-based solutions are being adopted. Focus of this talk on Cloud security, privacy policies for Healthcare/Personalized Medicine.

3 Medical Records Data Provider maintain Electronic Medical Records (EMRs) Electronic records sharing between different EMR systems are called Electronic Health Records (EHRs). Interoperation and sharing among different EMRs poor. Cost and poor usability obstacles to adoption of EHR. Personal Health Record (PHR): health record that is initiated and maintained by an individual. Includes summary of EMR and EHR EHR PHR EMR

4 Current Medical Technology Picture archiving and communication system (PACS) The universal format for PACS image storage and transfer is DICOM (Digital Imaging and Communications in Medicine). PACS consists of : Imaging modalities such as X-ray, CT, MRI Secured network for the transmission of patient information Workstations for interpreting and reviewing images Archives for the storage and retrieval of images and reports PACS should interface with : Hospital information system (HIS) and Radiology Information System (RIS).

5 Health care IT services Per Certification Commission for Healthcare Information Technology (CCHIT), following electronic medical IT systems are being offered in the market Electronic Health Records (EHRs) Electronic Medical Records (EMRs) Personal Health Records (PHRs) Payer-based Health Records (PBHRs) Electronic Prescribing (E-prescribing) Medical Financial Billing/Administrative System Computerized Practitioner Order Entry (CPOE) Systems

6 Some Cloud Solutions EHR,EMR Sequencing and Genotyping Majority of them run on Amazon, Rackspace, Microsoft, etc. cloud providers.

7 Challenges with Large Medical Data Medical data at present is very large in volume running to the order of terabytes (10 12 bytes) With the increasing adoption of digitized patient records and physician s notes, it has the potential of reaching peta (10 15 ) or even exa (10 18 ) bytes of data that in itself will be difficult to manage and analyze. Data currently resides in separate silos, which prevents it from being correlated and analyzed. Few providers can afford the infrastructure, both hardware and software, needed to collect, clean, curate, and analyze this data.

8 Technical Solution: Cloud Computing Latest paradigm for delivering IT resources or applications Service/Applications are stored/run on cloud and accessed by consumers via the Internet using Computers or Mobile devices. Eukhost blog Cloud based Services can provide analytics driven personalized medicine services Available to practitioners at the point of care. X as a Service : data storage, computing power, platform E.g. cloud based PACS, CareCloud cloud based EHR, Cloud based Medical billing services

9 Advantage of Using Cloud Cloud services make data and computing capabilities portable, sharable, and accessible from any online device The objective of the HITECH Act. Significant cost savings and the option of avoiding capital investment for organizations. Elasticity: Can easily scale up or scale down their resources instantly and on-demand. Cloud services are OS-neutral, and usually easy to use. E.g. Click Care HIPAA compliant SaaS and iphone application.

10 Challenges in Using Cloud Data security / Patient Privacy (attack by Hackers) Data ownership Auditing Cloud provider Compliance and Legal issues. Issues of regulatory compliance. Provider reliability What happens if Provider goes out of business? E.g. in 2001,GE Healthcare bought health records provider Encounter EHR and eventually ended up shutting it downgiving records holders 30 days notice to reclaim their data or lose it. Not Mature, standards still developing

11 HealthCare Services on the Cloud HIS/RIS Medical imaging Real time sensors Collaborating medical teams Genome data Service Access POLICY Online Communities Healthcare Cloud Medical Billing service Cloud data Access POLICY PACS services Public data service EHR/EMR service

12 Policy driven Cloud services A semantically rich, policy-based framework can be used to automate the lifecycle of virtualized services. Proposed lifecycle by us at UMBC Identify the key policies that the Cloud service should comply with Hard constraints that have to be met - HIPAA compliant Soft constraints that can be negotiated - Cost, support Policies defined in Requirements phase Technical policies OS, Hardware, Applications, Database Data / Security Policies Privacy Policies Compliance policies

13 Healthcare Cloud Security Policy Control level over the operating systems, hardware, and software. User, resource, and data requests threshold policies Cloud provider is internal within an organizationcontrolled data center or hosted externally. Compliance requirement The Health Insurance Portability and Accountability Act (HIPAA),1996 FISMA

14 Healthcare Services Cloud Service Model Software as a Service (SaaS) Platform as a Service (PaaS) Infrastructure as a Service (IaaS). Cloud Deployment Public Hybrid Community Private.

15 Cloud Data Security Policy Checklist 1. Cloud Data Location policy 2. Data Deletion policy 3. Data Encryption strategy 4. Identity Management policy 5. Service Level Agreement (SLA) Monitoring 6. Incident response 7. Cloud Forensics 8. Cloud Data Audit

16 Cloud Security/Privacy Policies Data/Cloud Location US jurisdiction Europe jurisdiction Globally located Data Deletion Archived Secure wipe Data Encryption Encryption Key management

17 Cloud Identity Management Identity Management critical Authentication Mechanism ID/Password SmartCard (CatCard) PIN 1 time PIN/PW Data accessed via a mobile device / tablet requires more authentication Authorization Methods Limited Administrator Access Group Level Access Physicians, Residents, Nurses Need-to-know access Individual based

18 Continuous SLA monitoring Monitoring of SLA critical to ensure performance and ROI Companies want to be able to translate existing Outsourcing policies into Cloud We have developed an Ontology for machine-readable Cloud SLA Available on public domain -

19 Incident Response for Cloud Services * Cloud support SLAs should include Availability timeframe of services Contingency (Business Continuity) plans Timeframes for notification and recovery following an unplanned service disruption or a security incident Problem resolution and escalation procedures Scheduled maintenance times. * Some policies of a major financial organization, industry best practices

20 Cloud Data Privacy Policies Patient Data access across services, across consumers Virtual Machine Separation Controlled Multi-tenancy Disclosure Risk Assessment Existing Data Inferred Data wsj.com

21 Healthcare Ontologies Develop a standard ontology to describe/define EHR, PACS, DICOM standards Efforts being led by US National Library of Medicine Unified Medical Language System (UMLS) OpenClinical cancer research UK GALEN and GALEN-open project Gene Ontology Consortium molecular function, biological process, cellular component

22 Summary Increasing adoption of cloud based IT services for Personalized Medicine (mandated by HITECH 09) A policy-based integrated framework to control the execution of Cloud based Health care services Declarative, semantically rich approach that helps specify policies to control the service Automate the execution and consumption of such services at point of care, protect patient privacy, and ensure compliance with appropriate policies An automated cloud based service will ensure that the physician can focus on the patient s health, and not be concerned with the IT requirements.

23 Papers available at Contact:

Karuna P Joshi, PhD. Research Asst. Professor. karuna.joshi@umbc.edu

Karuna P Joshi, PhD. Research Asst. Professor. karuna.joshi@umbc.edu Karuna P Joshi, PhD Research Asst. Professor karuna.joshi@umbc.edu Increasing adoption of technologies such as Electronic Health Records (EHR) to capture clinical data Mandate by Health Information Technology

More information

HEALTHCARE CLOUD COMPUTING (CLINICAL, EMR, SaaS, PRIVATE, PUBLIC, HYBRID) MARKET

HEALTHCARE CLOUD COMPUTING (CLINICAL, EMR, SaaS, PRIVATE, PUBLIC, HYBRID) MARKET HEALTHCARE CLOUD COMPUTING (CLINICAL, EMR, SaaS, PRIVATE, PUBLIC, HYBRID) MARKET Global Trends, Challenges, Opportunities & Forecasts (2012 2017) MarketsandMarkets sales@marketsandmarkets.com www.marketsandmarkets.com

More information

NCTA Cloud Architecture

NCTA Cloud Architecture NCTA Cloud Architecture Course Specifications Course Number: 093019 Course Length: 5 days Course Description Target Student: This course is designed for system administrators who wish to plan, design,

More information

Managing Cloud Computing Risk

Managing Cloud Computing Risk Managing Cloud Computing Risk Presented By: Dan Desko; Manager, Internal IT Audit & Risk Advisory Services Schneider Downs & Co. Inc. ddesko@schneiderdowns.com Learning Objectives Understand how to identify

More information

Persistence Market Research

Persistence Market Research Persistence Market Research Global Healthcare Cloud Computing Market will Reach US$12,653.4 million in 2020 - Persistence Market Research Persistence Market Research 1 Persistence Market Research Released

More information

Introduction to Cloud Computing. Srinath Beldona srinath_beldona@yahoo.com

Introduction to Cloud Computing. Srinath Beldona srinath_beldona@yahoo.com Introduction to Cloud Computing Srinath Beldona srinath_beldona@yahoo.com Agenda Pre-requisites Course objectives What you will learn in this tutorial? Brief history Is cloud computing new? Why cloud computing?

More information

Cloud Courses Description

Cloud Courses Description Cloud Courses Description Cloud 101: Fundamental Cloud Computing and Architecture Cloud Computing Concepts and Models. Fundamental Cloud Architecture. Virtualization Basics. Cloud platforms: IaaS, PaaS,

More information

Framework for Cloud Usability

Framework for Cloud Usability Published in proceedings of HCI International 2015 Framework for Cloud Usability Brian Stanton 1, Mary Theofanos 1, Karuna P Joshi 2 1 National Institute of Standards and Technology, Gaithersburg, MD,

More information

Benefits of Cloud Computing in EHR implementation

Benefits of Cloud Computing in EHR implementation Benefits of Cloud Computing in EHR implementation The solution of Dedalus for application interoperability in the ehealth sector Sergio Di Bona Project Manager R&D Division DEDALUS SpA Italy sergio.dibona@dedalus.eu

More information

Shaping the Cloud for the Healthcare Industry

Shaping the Cloud for the Healthcare Industry Shaping the Cloud for the Healthcare Industry Louis Caschera Chief Information Officer CareTech Solutions www.caretech.com > 877.700.8324 Information technology (IT) is used by healthcare providers as

More information

6 Cloud computing overview

6 Cloud computing overview 6 Cloud computing overview 6.1 General ISO/IEC 17788:2014 (E) Cloud Computing Overview Page 1 of 6 Cloud computing is a paradigm for enabling network access to a scalable and elastic pool of shareable

More information

What do Secure, HIPAA Compliant, Clouds Mean to SOA in Healthcare? By Shahid N. Shah, CEO www.healthcareguy.com

What do Secure, HIPAA Compliant, Clouds Mean to SOA in Healthcare? By Shahid N. Shah, CEO www.healthcareguy.com What do Secure, HIPAA Compliant, Clouds Mean to SOA in Healthcare? By Shahid N. Shah, CEO www.healthcareguy.com Who is Shahid? 20+ years of software engineering and multi-site healthcare system deployment

More information

Cloud Courses Description

Cloud Courses Description Courses Description 101: Fundamental Computing and Architecture Computing Concepts and Models. Data center architecture. Fundamental Architecture. Virtualization Basics. platforms: IaaS, PaaS, SaaS. deployment

More information

IBM Cloud Security Draft for Discussion September 12, 2011. 2011 IBM Corporation

IBM Cloud Security Draft for Discussion September 12, 2011. 2011 IBM Corporation IBM Cloud Security Draft for Discussion September 12, 2011 IBM Point of View: Cloud can be made secure for business As with most new technology paradigms, security concerns surrounding cloud computing

More information

Security & Trust in the Cloud

Security & Trust in the Cloud Security & Trust in the Cloud Ray Trygstad Director of Information Technology, IIT School of Applied Technology Associate Director, Information Technology & Management Degree Programs Cloud Computing Primer

More information

Orchestrating the New Paradigm Cloud Assurance

Orchestrating the New Paradigm Cloud Assurance Orchestrating the New Paradigm Cloud Assurance Amsterdam 17 January 2012 John Hermans - Partner Current business challenges versus traditional IT Organizations are challenged with: Traditional IT seems

More information

Security Issues in Cloud Computing

Security Issues in Cloud Computing Security Issues in Computing CSCI 454/554 Computing w Definition based on NIST: A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources

More information

Cloud Service Rollout. Chapter 9

Cloud Service Rollout. Chapter 9 Cloud Service Rollout Chapter 9 Cloud Service Topics Cloud service rollout plans vary depending on the type of cloud service SaaS, PaaS, or IaaS and the vendor. Unit Topics Identifying vendor roles and

More information

Securing The Cloud. Foundational Best Practices For Securing Cloud Computing. Scott Clark. Insert presenter logo here on slide master

Securing The Cloud. Foundational Best Practices For Securing Cloud Computing. Scott Clark. Insert presenter logo here on slide master Securing The Cloud Foundational Best Practices For Securing Cloud Computing Scott Clark Agenda Introduction to Cloud Computing What is Different in the Cloud? CSA Guidance Additional Resources 2 What is

More information

Cloud Computing Security Issues

Cloud Computing Security Issues Copyright Marchany 2010 Cloud Computing Security Issues Randy Marchany, VA Tech IT Security, marchany@vt.edu Something Old, Something New New: Cloud describes the use of a collection of services, applications,

More information

Health Information Technology OIT Architecture Strategy

Health Information Technology OIT Architecture Strategy Health Information Technology OIT Architecture Strategy Enabling Technology Solutions Efficiently, Effectively, and Elegantly Table of Contents Executive Summary Current State Applications Communication

More information

Streamlining Medical Image Exchange with Cloud-Based Technology

Streamlining Medical Image Exchange with Cloud-Based Technology Streamlining Medical Image Exchange with Cloud-Based Technology DG Suite is the all-in-one solution for your image management and exchange needs. get started request a demo No Hardware. No VPNs. HIPAA

More information

Healthcare: La sicurezza nel Cloud October 18, 2011. 2011 IBM Corporation

Healthcare: La sicurezza nel Cloud October 18, 2011. 2011 IBM Corporation Healthcare: La sicurezza nel Cloud October 18, 2011 Cloud Computing Tests The Limits Of Security Operations And Infrastructure Security and Privacy Domains People and Identity Data and Information Application

More information

WEB: WWW.XTREAMIT.COM EMAIL: SALES@XTREAMIT.COM PHONE:

WEB: WWW.XTREAMIT.COM EMAIL: SALES@XTREAMIT.COM PHONE: EMR365 A PRODUCTIVITY SOLUTION FOR HEALTH CARE EMR365 is an end user productivity solution by XtreamIT for hospitals and healthcare organizations. It provides a user familiar interface to doctors and medical

More information

Cloud Security. Peter Jopling joplingp@uk.ibm.com IBM UK Ltd Software Group Hursley Labs. peterjopling. 2011 IBM Corporation

Cloud Security. Peter Jopling joplingp@uk.ibm.com IBM UK Ltd Software Group Hursley Labs. peterjopling. 2011 IBM Corporation Cloud Security Peter Jopling joplingp@uk.ibm.com IBM UK Ltd Software Group Hursley Labs peterjopling 2011 IBM Corporation Cloud computing impacts the implementation of security in fundamentally new ways

More information

OWASP Chapter Meeting June 2010. Presented by: Brayton Rider, SecureState Chief Architect

OWASP Chapter Meeting June 2010. Presented by: Brayton Rider, SecureState Chief Architect OWASP Chapter Meeting June 2010 Presented by: Brayton Rider, SecureState Chief Architect Agenda What is Cloud Computing? Cloud Service Models Cloud Deployment Models Cloud Computing Security Security Cloud

More information

ALERT LOGIC FOR HIPAA COMPLIANCE

ALERT LOGIC FOR HIPAA COMPLIANCE SOLUTION OVERVIEW: ALERT LOGIC FOR HIPAA COMPLIANCE AN OUNCE OF PREVENTION IS WORTH A POUND OF CURE Alert Logic provides organizations with the most advanced and cost-effective means to secure their healthcare

More information

Genomics and the EHR. Mark Hoffman, Ph.D. Vice President Research Solutions Cerner Corporation

Genomics and the EHR. Mark Hoffman, Ph.D. Vice President Research Solutions Cerner Corporation Genomics and the EHR Mark Hoffman, Ph.D. Vice President Research Solutions Cerner Corporation Overview EHR from Commercial Perspective What can be done TODAY? What could be done TOMORROW? What are some

More information

Cloud Computing and Security Risk Analysis Qing Liu Technology Architect STREAM Technology Lab Qing.Liu@chi.frb.org

Cloud Computing and Security Risk Analysis Qing Liu Technology Architect STREAM Technology Lab Qing.Liu@chi.frb.org Cloud Computing and Security Risk Analysis Qing Liu Technology Architect STREAM Technology Lab Qing.Liu@chi.frb.org 1 Disclaimers This presentation provides education on Cloud Computing and its security

More information

Brochure More information from http://www.researchandmarkets.com/reports/3050458/

Brochure More information from http://www.researchandmarkets.com/reports/3050458/ Brochure More information from http://www.researchandmarkets.com/reports/3050458/ Cloud Market In Healthcare technologies, EHR Market, Digital pathology market, Clinical, EMR, SaaS, Bioinformatics, Digital

More information

Dell s Unified Clinical Archive Solution

Dell s Unified Clinical Archive Solution Securely store and share data with multiple caregivers. Dell s Unified Clinical Archive Solution Dell s Unified Clinical Archive (UCA) offers a single-source, end-to-end solution for your medical imaging

More information

Why Migrate to the Cloud. ABSS Solutions, Inc. 2014

Why Migrate to the Cloud. ABSS Solutions, Inc. 2014 Why Migrate to the Cloud ABSS Solutions, Inc. 2014 ASI Cloud Services Information Systems Basics Cloud Fundamentals Cloud Options Why Move to the Cloud Our Service Providers Our Process Information System

More information

Streamlining Medical Image Exchange with Cloud-Based Technology

Streamlining Medical Image Exchange with Cloud-Based Technology Streamlining Medical Image Exchange with Cloud-Based Technology DG Suite is the all-in-one solution for your image management and exchange needs. No Hardware. No VPNs. HIPAA Compliant. Request a Demo Improve

More information

John Essner, CISO Office of Information Technology State of New Jersey

John Essner, CISO Office of Information Technology State of New Jersey John Essner, CISO Office of Information Technology State of New Jersey http://csrc.nist.gov/publications/nistpubs/800-144/sp800-144.pdf Governance Compliance Trust Architecture Identity and Access Management

More information

Office of the Government Chief Information Officer The Government of the Hong Kong Special Administrative Region

Office of the Government Chief Information Officer The Government of the Hong Kong Special Administrative Region Office of the Government Chief Information Officer The Government of the Hong Kong Special Administrative Region 1 1) Government Cloud Journey 2) Government Clouds 3) Way Forward 2 1. Government Cloud

More information

Successful Strategies for Implementing SaaS/Cloud Solutions in Healthcare

Successful Strategies for Implementing SaaS/Cloud Solutions in Healthcare Successful Strategies for Implementing SaaS/Cloud Solutions in Healthcare WHITEPAPER Executive Summary As healthcare organizations struggle with competing priorities such as HITECH/ARRA, Meaningful option

More information

The CIO s Guide to HIPAA Compliant Text Messaging

The CIO s Guide to HIPAA Compliant Text Messaging The CIO s Guide to HIPAA Compliant Text Messaging Executive Summary The risks associated with sending Electronic Protected Health Information (ephi) via unencrypted text messaging are significant, especially

More information

Are You Prepared for the Cloud? Nick Kael Principal Security Strategist Symantec

Are You Prepared for the Cloud? Nick Kael Principal Security Strategist Symantec Are You Prepared for the Cloud? Nick Kael Principal Security Strategist Symantec What is Cloud Computing? Cloud Computing refers to the delivery of software (SaaS), infrastructure (IaaS), and/or platform

More information

An Impact of Digital Technologies Transforming In Healthcare Using Cloud Computing

An Impact of Digital Technologies Transforming In Healthcare Using Cloud Computing An Impact of Digital Technologies Transforming In Healthcare Using Cloud Computing M.Gnanavel 1,Dr.E.R.Naganathan 2, R.Saravanakumar 3, R.J.Poovaraghan 4, P.Sasikala 5 Research Scholar, SCSVMV University,

More information

Securing The Cloud With Confidence. Opinion Piece

Securing The Cloud With Confidence. Opinion Piece Securing The Cloud With Confidence Opinion Piece 1 Securing the cloud with confidence Contents Introduction 03 Don t outsource what you don t understand 03 Steps towards control 04 Due diligence 04 F-discovery

More information

White Paper on CLOUD COMPUTING

White Paper on CLOUD COMPUTING White Paper on CLOUD COMPUTING INDEX 1. Introduction 2. Features of Cloud Computing 3. Benefits of Cloud computing 4. Service models of Cloud Computing 5. Deployment models of Cloud Computing 6. Examples

More information

Cloud Security Strategies. Fabio Gianotti, Head of Cyber Security and Enterprise Security Systems

Cloud Security Strategies. Fabio Gianotti, Head of Cyber Security and Enterprise Security Systems Cloud Security Strategies Fabio Gianotti, Head of Cyber Security and Enterprise Security Systems London, 14 October 2015 UNICREDIT AT A GLANCE Employees: more than 146.600 Branches: 8.403 Banking operations

More information

ehr Solution for HKSAR GOVT ehealth Project

ehr Solution for HKSAR GOVT ehealth Project ehr Solution for HKSAR GOVT ehealth Project 3717 Columbia Pike. Arlington, VA 22204. 703.575.8400. www.plan-sys.com October 31, 2011 People. Service. Integrity Company Profile Founded 1988 Products Core

More information

GE Healthcare. Centricity 360. Case Exchange service. Unleash the power of cloud to bring your distributed care teams together.

GE Healthcare. Centricity 360. Case Exchange service. Unleash the power of cloud to bring your distributed care teams together. GE Healthcare Centricity 360 Case Exchange service Unleash the power of cloud to bring your distributed care teams together. Centricity 360 Case Exchange streamlines clinical collaboration with unaffiliated

More information

HIPAA in the Cloud. How to Effectively Collaborate with Cloud Providers

HIPAA in the Cloud. How to Effectively Collaborate with Cloud Providers How to Effectively Collaborate with Cloud Providers Speaker Bio Chad Kissinger Chad Kissinger Founder OnRamp Chad Kissinger is the Founder of OnRamp, an industry leading high security and hybrid hosting

More information

Cloud Security Implications for Financial Institutions By Scott Galyk Director of Software Development FIMAC Solutions, LLC

Cloud Security Implications for Financial Institutions By Scott Galyk Director of Software Development FIMAC Solutions, LLC Cloud Security Implications for Financial Institutions By Scott Galyk Director of Software Development FIMAC Solutions, LLC www.fmsinc.org 1 2015 Financial Managers Society, Inc. Cloud Security Implications

More information

The Need for Service Catalog Design in Cloud Services Development

The Need for Service Catalog Design in Cloud Services Development The Need for Service Catalog Design in Cloud Services Development The purpose of this document: Provide an overview of the cloud service catalog and show how the service catalog design is an fundamental

More information

Applying Information Lifecycle Management Strategies Enables Healthcare Providers to Accelerate Clinical Workflow

Applying Information Lifecycle Management Strategies Enables Healthcare Providers to Accelerate Clinical Workflow An EMC Healthcare Perspective Applying Information Lifecycle Management Strategies Enables Healthcare Providers to Accelerate Clinical Workflow By Roberta A. Katz Healthcare Information Technology Challenges........2

More information

Achieving Cost-Effective, Vendor-Neutral Archiving For Your Enterprise

Achieving Cost-Effective, Vendor-Neutral Archiving For Your Enterprise Achieving Cost-Effective, Vendor-Neutral Archiving For Your Enterprise How To Merchandise Data for Clinical Use By: Eran Galil, PACS/Archive Product Manager, Carestream Health, BBM JoAnn Linder, RIS/PACS/Archive

More information

Cloud Security Who do you trust?

Cloud Security Who do you trust? Thought Leadership White Paper Cloud Computing Cloud Security Who do you trust? Nick Coleman, IBM Cloud Security Leader Martin Borrett, IBM Lead Security Architect 2 Cloud Security Who do you trust? Cloud

More information

Data In The Cloud: Who Owns It, and How Do You Get it Back?

Data In The Cloud: Who Owns It, and How Do You Get it Back? Data In The Cloud: Who Owns It, and How Do You Get it Back? Presented by Dave Millier, Soban Bhatti, and Oleg Sotnikov 2013 Sentry Metrics Inc. Agenda Reasons for Cloud Adoption How Did My Data Get There?

More information

Overview of Cloud Computing and Cloud Computing s Use in Government Justin Heyman CGCIO, Information Technology Specialist, Township of Franklin

Overview of Cloud Computing and Cloud Computing s Use in Government Justin Heyman CGCIO, Information Technology Specialist, Township of Franklin Overview of Cloud Computing and Cloud Computing s Use in Government Justin Heyman CGCIO, Information Technology Specialist, Township of Franklin Best Practices for Security in the Cloud John Essner, Director

More information

Amit Sheth & Ajith Ranabahu, 2010. Presented by Mohammad Hossein Danesh

Amit Sheth & Ajith Ranabahu, 2010. Presented by Mohammad Hossein Danesh Amit Sheth & Ajith Ranabahu, 2010 Presented by Mohammad Hossein Danesh 1 Agenda Introduction to Cloud Computing Research Motivation Semantic Modeling Can Help Use of DSLs Solution Conclusion 2 3 Motivation

More information

AskAvanade: Answering the Burning Questions around Cloud Computing

AskAvanade: Answering the Burning Questions around Cloud Computing AskAvanade: Answering the Burning Questions around Cloud Computing There is a great deal of interest in better leveraging the benefits of cloud computing. While there is a lot of excitement about the cloud,

More information

HIPAA in the Cloud How to Effectively Collaborate with Cloud Providers

HIPAA in the Cloud How to Effectively Collaborate with Cloud Providers How to Effectively Collaborate with Cloud Providers Agenda Overview of Topics Covered Agenda Evolution of the Cloud Comparison of Private vs. Public Clouds Other Regulatory Frameworks Similar to HIPAA

More information

Overview of Topics Covered

Overview of Topics Covered How to Effectively Collaborate with Cloud Providers Agenda Overview of Topics Covered Agenda Evolution of the Cloud Comparison of Private vs. Public Clouds Other Regulatory Frameworks Similar to HIPAA

More information

Privacy for Healthcare Data in the Cloud - Challenges and Best Practices

Privacy for Healthcare Data in the Cloud - Challenges and Best Practices Privacy for Healthcare Data in the Cloud - Challenges and Best Practices Dr. Sarbari Gupta sarbari@electrosoft-inc.com 703-437-9451 ext 12 Cloud Standards Customer Council (CSCC) Cloud Privacy Summit Electrosoft

More information

Cloud Computing. P a n a g i o t i s F o u z a s I T S o l u t i o n s M a n a g e r

Cloud Computing. P a n a g i o t i s F o u z a s I T S o l u t i o n s M a n a g e r C l a s s i f i c a t i o n I S O 2 7 0 0 1 : P u b l i c Cloud Computing Prospects & Challenges P a n a g i o t i s F o u z a s I T S o l u t i o n s M a n a g e r 1 OUTLINE Cloud Definition and Classification

More information

Clinical Trials in the Cloud: A New Paradigm?

Clinical Trials in the Cloud: A New Paradigm? Marc Desgrousilliers CTO at Clinovo Clinical Trials in the Cloud: A New Paradigm? Marc Desgrousilliers CTO at Clinovo What is a Cloud? (1 of 3) "Cloud computing is a model for enabling convenient, on-demand

More information

INTRODUCTION TO CLOUD COMPUTING CEN483 PARALLEL AND DISTRIBUTED SYSTEMS

INTRODUCTION TO CLOUD COMPUTING CEN483 PARALLEL AND DISTRIBUTED SYSTEMS INTRODUCTION TO CLOUD COMPUTING CEN483 PARALLEL AND DISTRIBUTED SYSTEMS CLOUD COMPUTING Cloud computing is a model for enabling convenient, ondemand network access to a shared pool of configurable computing

More information

VMware for your hosting services

VMware for your hosting services VMware for your hosting services Anindya Kishore Das 2009 VMware Inc. All rights reserved Everybody talks Cloud! You will eat your cloud and you will like it! Everybody talks Cloud - But what is it? VMware

More information

Security Considerations for the Cloud

Security Considerations for the Cloud June 6, 2012 Security Considerations for the Cloud Presented by: Mac McMillan CEO CynergisTek, Inc. Chair, HIMSS Privacy & Security Policy Task Force 1 2012 NIST/OCR Conference Agenda Threat Implications

More information

Health Information Technology in Healthcare: Frequently Asked Questions (FAQ) 1

Health Information Technology in Healthcare: Frequently Asked Questions (FAQ) 1 Health Information Technology in Healthcare: Frequently Asked Questions (FAQ) 1 1. What is an Electronic Health Record (EHR), an Electronic Medical Record (EMR), a Personal Health Record (PHR) and e-prescribing?

More information

Cloud Security considerations for business adoption. Ricci IEONG CSA-HK&M Chapter

Cloud Security considerations for business adoption. Ricci IEONG CSA-HK&M Chapter Cloud Security considerations for business adoption Ricci IEONG CSA-HK&M Chapter What is Cloud Computing? Slide 2 What is Cloud Computing? My Cloud @ Internet Pogoplug What is Cloud Computing? Compute

More information

Image Enabled EMR / EHR

Image Enabled EMR / EHR Image Enabled EMR / EHR A strategic approach to EMR integration and interoperability for diagnostic imaging and related reports The Challenge: In healthcare, imaging is routinely used as a tool for patient

More information

Why You Should Consider the Cloud

Why You Should Consider the Cloud INTERSYSTEMS WHITE PAPER Why You Should Consider the Cloud In 2014, we ll see every major player make big investments to scale up Cloud, mobile, and big data capabilities, and fiercely battle for the hearts

More information

Cloud Computing & Health Care Organizations: Critical Privacy & Security Issues - December 16, 2015

Cloud Computing & Health Care Organizations: Critical Privacy & Security Issues - December 16, 2015 Cloud Computing & Health Care Organizations: Critical Privacy & Security Issues - December 16, 2015 James B. Wieland, Principal, Ober Kaler David Holtzman, VP of Compliance, CynergisTek Welcome The slides

More information

PCI Compliance and the Cloud: What You Can and What You Can t Outsource Presented By:

PCI Compliance and the Cloud: What You Can and What You Can t Outsource Presented By: PCI Compliance and the Cloud: What You Can and What You Can t Outsource Presented By: Peter Spier Managing Director PCI and Risk Assurance Fortrex Technologies Agenda Instructor Biography Background On

More information

HIPAA Security. 1 Security 101 for Covered Entities. Security Topics

HIPAA Security. 1 Security 101 for Covered Entities. Security Topics HIPAA SERIES Topics 1. 101 for Covered Entities 2. Standards - Administrative Safeguards 3. Standards - Physical Safeguards 4. Standards - Technical Safeguards 5. Standards - Organizational, Policies &

More information

Hexaware E-book on Q & A for Cloud BI Hexaware Business Intelligence & Analytics Actionable Intelligence Enabled

Hexaware E-book on Q & A for Cloud BI Hexaware Business Intelligence & Analytics Actionable Intelligence Enabled Hexaware E-book on Q & A for Cloud BI Hexaware Business Intelligence & Analytics Actionable Intelligence Enabled HEXAWARE Q & A E-BOOK ON CLOUD BI Layers Applications Databases Security IaaS Self-managed

More information

BI en Salud: Registro de Salud Electrónico, Estado del Arte!

BI en Salud: Registro de Salud Electrónico, Estado del Arte! BI en Salud: Registro de Salud Electrónico, Estado del Arte! Manuel Graña Romay! ENGINE Centre, Wrocław University of Technology! Grupo de Inteligencia Computacional (GIC); UPV/EHU; www.ehu.es/ ccwintco!

More information

The Cloud. JL Cabrera LTEC 4550

The Cloud. JL Cabrera LTEC 4550 The Cloud JL Cabrera LTEC 4550 Introduction What is the Cloud? Cloud Basics What can the cloud bring to business? Costs and Benefits Capacity and Agility Risks to evaluate prior to proceeding into the

More information

Information Auditing and Governance of Cloud Computing IT Capstone 4444 - Spring 2013 Sona Aryal Laura Webb Cameron University.

Information Auditing and Governance of Cloud Computing IT Capstone 4444 - Spring 2013 Sona Aryal Laura Webb Cameron University. Information Auditing and Governance of Cloud Computing IT Capstone 4444 - Spring 2013 Sona Aryal Laura Webb Cameron University P a g e 1 P a g e 2 Table of Contents Abstract... 3 Introduction... 3 Previous

More information

Automating Cloud Service Level Agreements using Semantic Technologies

Automating Cloud Service Level Agreements using Semantic Technologies In proceedings of CLaw Workshop, IEEE International Conference on Cloud Engineering (IC2E), March 2015 Automating Cloud Service Level Agreements using Semantic Technologies Karuna Pande Joshi and Claudia

More information

Data Protection Act 1998. Guidance on the use of cloud computing

Data Protection Act 1998. Guidance on the use of cloud computing Data Protection Act 1998 Guidance on the use of cloud computing Contents Overview... 2 Introduction... 2 What is cloud computing?... 3 Definitions... 3 Deployment models... 4 Service models... 5 Layered

More information

Compliance and the Cloud: What You Can and What You Can t Outsource

Compliance and the Cloud: What You Can and What You Can t Outsource Compliance and the Cloud: What You Can and What You Can t Outsource Presented By: Kate Donofrio Security Assessor Fortrex Technologies Instructor Biography Background On Fortrex What s In A Cloud? Pick

More information

HEALTHCARE IN THE CLOUD

HEALTHCARE IN THE CLOUD HEALTHCARE IN THE CLOUD Baldur Johnsen, Director Healthcare Provider Product Management Office of Strategy & Technology HP Business Solutions Organization 2010 Hewlett-Packard Development Company, L.P.

More information

HIPAA Compliance and the Protection of Patient Health Information

HIPAA Compliance and the Protection of Patient Health Information HIPAA Compliance and the Protection of Patient Health Information WHITE PAPER By Swift Systems Inc. April 2015 Swift Systems Inc. 7340 Executive Way, Ste M Frederick MD 21704 1 Contents HIPAA Compliance

More information

HIPAA Compliance Guide

HIPAA Compliance Guide HIPAA Compliance Guide Important Terms Covered Entities (CAs) The HIPAA Privacy Rule refers to three specific groups as covered entities, including health plans, healthcare clearinghouses, and health care

More information

Secure Cloud Computing through IT Auditing

Secure Cloud Computing through IT Auditing Secure Cloud Computing through IT Auditing 75 Navita Agarwal Department of CSIT Moradabad Institute of Technology, Moradabad, U.P., INDIA Email: nvgrwl06@gmail.com ABSTRACT In this paper we discuss the

More information

> Solution Overview COGNIZANT CLOUD STEPS TRANSFORMATION FRAMEWORK THE PATH TO GROWTH

> Solution Overview COGNIZANT CLOUD STEPS TRANSFORMATION FRAMEWORK THE PATH TO GROWTH > Solution Overview COGNIZANT CLOUD STEPS TRANSFORMATION FRAMEWORK A comprehensive, tool-based framework speeds up the time to value for your cloud-enabled business transformation projects. It s accepted:

More information

Digital Healthcare: Author. A HIPAA compliant cloud strategy. Choosing a Cloud Service Provider. Alex Ginzburg

Digital Healthcare: Author. A HIPAA compliant cloud strategy. Choosing a Cloud Service Provider. Alex Ginzburg : A HIPAA compliant cloud strategy. Choosing a Cloud Service Provider Author Alex Ginzburg VP of Technology, Intervention Insights, Inc. Kanda Software 200 Wells Ave, Newton, MA 02459 617-340-3850 Over

More information

AUDITING TECHNIQUES TO ASSESS FRAUD RISKS IN ELECTRONIC HEALTH RECORDS

AUDITING TECHNIQUES TO ASSESS FRAUD RISKS IN ELECTRONIC HEALTH RECORDS AUDITING TECHNIQUES TO ASSESS FRAUD RISKS IN ELECTRONIC HEALTH RECORDS OBJECTIVE Increase your IT vocab so that you can assess the risks related to your audits of EHRs and/or EHR related data AGENDA What

More information

CAST CENTER FOR ADVANCED SECURITY TRAINING. CAST618 Designing and Implementing Cloud Security CAST

CAST CENTER FOR ADVANCED SECURITY TRAINING. CAST618 Designing and Implementing Cloud Security CAST CENTER FOR ADVANCED SECURITY TRAINING 618 Designing and Implementing Cloud Security About EC-Council Center of Advanced Security Training () The rapidly evolving information security landscape now requires

More information

The HIPAA Security Rule: Cloudy Skies Ahead?

The HIPAA Security Rule: Cloudy Skies Ahead? The HIPAA Security Rule: Cloudy Skies Ahead? Presented and Prepared by John Kivus and Emily Moseley Wood Jackson PLLC HIPAA and the Cloud In the past several years, the cloud has become an increasingly

More information

Preparing for the Convergence of Healthcare, SOA, and Cloud Computing

Preparing for the Convergence of Healthcare, SOA, and Cloud Computing David S. Linthicum david@bluemountainlabs.com www.bluemountainlabs.com Preparing for the Convergence of Healthcare, SOA, and Cloud Computing 2006 The Linthicum Group. All Rights Reserved. Reproduction

More information

ICSA Labs Risk and Privacy Cloud Computing Series Part I : Balancing Risks and Benefits of Public Cloud Services for SMBs

ICSA Labs Risk and Privacy Cloud Computing Series Part I : Balancing Risks and Benefits of Public Cloud Services for SMBs ICSA Labs Risk and Privacy Cloud Computing Series Part I : Balancing Risks and Benefits of Public Cloud Services for SMBs The security challenges cloud computing presents are formidable, including those

More information

Deploying a Geospatial Cloud

Deploying a Geospatial Cloud Deploying a Geospatial Cloud Traditional Public Sector Computing Environment Traditional Computing Infrastructure Silos of dedicated hardware and software Single application per silo Expensive to size

More information

The value MIE delivers can be summed up in two words:

The value MIE delivers can be summed up in two words: The value MIE delivers can be summed up in two words: minimally TM invasive EHR WebChart EHR Portfolio minimally invasive TM Philosophy The MIE architecture was built to have a minimally invasive impact

More information

Providence- OHSU Informatics Course

Providence- OHSU Informatics Course Providence- OHSU Course Logistics, Detailed Curriculum, Learning Objectives, and Other Information William Hersh, M.D. Department of Medical & Clinical Epidemiology Oregon Health & Science University Course

More information

Dionseq Uatummy Odolorem Vel

Dionseq Uatummy Odolorem Vel W H I T E P A P E R Aciduisismodo Hitachi Clinical Dolore Repository Eolore Dionseq Uatummy Odolorem Vel Address the Multidepartmental Digital Imaging Conundrum with Enterprise-level Data Management By

More information

HIPAA/HITECH Compliance Using VMware vcloud Air

HIPAA/HITECH Compliance Using VMware vcloud Air Last Updated: September 23, 2014 White paper Introduction This paper is intended for security, privacy, and compliance officers whose organizations must comply with the Privacy and Security Rules of the

More information

Cloud Computing: Contracting and Compliance Issues for In-House Counsel

Cloud Computing: Contracting and Compliance Issues for In-House Counsel International In-house Counsel Journal Vol. 6, No. 23, Spring 2013, 1 Cloud Computing: Contracting and Compliance Issues for In-House Counsel SHAHAB AHMED Director Legal and Corporate Affairs, Microsoft,

More information

IT Security Risk Management Model for Cloud Computing: A Need for a New Escalation Approach.

IT Security Risk Management Model for Cloud Computing: A Need for a New Escalation Approach. IT Security Risk Management Model for Cloud Computing: A Need for a New Escalation Approach. Gunnar Wahlgren 1, Stewart Kowalski 2 Stockholm University 1: (wahlgren@dsv.su.se), 2: (stewart@dsv.su.se) ABSTRACT

More information

Tips For Buying Cloud Infrastructure

Tips For Buying Cloud Infrastructure 27 Tips For Buying Cloud Infrastructure A Comprehensive list of questions to ask yourself when reviewing potential cloud providers By Christopher Wilson @chrisleewilson Table of Contents Intro: Evaluating

More information

PRIVATE CLOUD SECURITY CHALLENGES, AFFORDABILITY AND ANSWER TO A RELIABLE AND MODERNIZED MULTI-BIOMETRICS IDENTIFICATION SOLUTIONS

PRIVATE CLOUD SECURITY CHALLENGES, AFFORDABILITY AND ANSWER TO A RELIABLE AND MODERNIZED MULTI-BIOMETRICS IDENTIFICATION SOLUTIONS PRIVATE CLOUD SECURITY CHALLENGES, AFFORDABILITY AND ANSWER TO A RELIABLE AND MODERNIZED MULTI-BIOMETRICS IDENTIFICATION SOLUTIONS Identification technology has progressed from just being fingerprint matching

More information

Cloud Computing and Records Management

Cloud Computing and Records Management GPO Box 2343 Adelaide SA 5001 Tel (+61 8) 8204 8773 Fax (+61 8) 8204 8777 DX:336 srsarecordsmanagement@sa.gov.au www.archives.sa.gov.au Cloud Computing and Records Management June 2015 Version 1 Version

More information

Clouds on the Horizon Cloud Security in Today s DoD Environment. Bill Musson Security Analyst

Clouds on the Horizon Cloud Security in Today s DoD Environment. Bill Musson Security Analyst Clouds on the Horizon Cloud Security in Today s DoD Environment Bill Musson Security Analyst Agenda O Overview of Cloud architectures O Essential characteristics O Cloud service models O Cloud deployment

More information