‘Cloud’-this, ‘cloud’-that, everyone seems to be using the term ‘the cloud’ when they refer to an Internet space where information can be sent, stored, and accessed.
What the cloud actually is has been around for some time but this terminology to describe it is more recent. It’s really just another way to classify the process of computing services and accessing information and data through the Internet.
And as with all data stored on the Internet, security is an important concern and something that clients often ask about, particularly when it comes to medical information, which is our specialty.
The fact is, patient medical information that is accessed through and stored via the cloud is secure, perhaps more so than traditional hard-copy medical files.
Our own cloud-based system, ClinicAid is an online billing system for medical practices.
We recognize that maintaining the security of medical information is paramount and that is why our data is encrypted and backed up continuously to ensure its security and reliability.
When a medical practice opts for a cloud-based system they need to feel confident that their data is safeguarded in multiple locations. With ClinicAid for example, a medical practice’s data is secured in numerous locations throughout Canada to ensure among other things, that there is not loss of data in the event of a catastrophe. Data is backed up daily and replicated across facilities.
In addition, the data centers used are designed to protect from unwanted access theft and physical damage from fire and water. There are also multiple security checkpoints between the door and our servers and the site is monitored by cameras around the clock.
There are different levels of cloud security. According to Wayne Walls, in writing for the Rackspaceblog,
SaaS(Software as a Service) is considered the top level of cloud applications. A full application has been built, security has been baked in at every level and you now have the least amount of responsibility in ensuring application security. You are not relieved of all security management, this is just traditionally where the least amount of management has to occur, and that is enticing to many businesses.
According to Walls, typically the further down the stack a cloud offering is, the more responsible the manager is for implementing and overseeing security.
Ultimately, he says, security in the cloud is a shared responsibility between the user and the cloud hosting provider. His advice is for both parties to understand what the other provides in terms of security, as well as the legal and contractual aspects.
So for the typical medical practice, adopting a cloud-based system can be secure, practical, and make a lot of sense.