Membership
Become a Member
Enterprises
Solution Providers
Startups
Current Members
Solution Providers
Affiliates
Assurance
STAR Program
STAR Levels
View Registry
Submit to Registry
Provide Feedback
GDPR Code of Conduct for STAR
STAR Resources
CAIQ
Cloud Controls Matrix
GDPR Code of Conduct
CAIQ-Lite
CSA-OneTrust VRM Tool
GDPR
Download the Code of Conduct
Submit Code of Conduct to the Registry
Resource Center
Global Consultancy
Become a Consulting Partner
Find a Consulting Service
Certificates & Training
Certificates
CCSK
CCAK
Trainings
CCAK (Coming Soon)
CCSK Lectures
CCSK Lectures + Labs
Advanced Cloud Security Practitioner
Register for Training
For Individuals
For Enterprises
Instructors
Become an Instructor
Training Partners
Become a Training Partner
Webinars
Cloudbytes
Research
GDPR
Events
Americas
APAC
EMEA
Research
What We Do
Research Working Groups
CSA Research Lifecycle
Research Publications
Security Guidance v4
Cloud Controls Matrix (CCM)
IoT Framework
Contribute
Open Peer Reviews
Surveys
Volunteer FAQ
Ron Knode Award
Working Groups
Internet of Things
DevSecOps
Software Defined Perimeter
Blockchain
Cloud Controls Matrix
EMEA Projects
APAC Projects
Community
About Circle
Create an Account
Login to Circle
How To Get Started
Blog
Events
Americas
APAC
EMEA
Chapters
Global Chapters
Form a Chapter
About
About CSA
Board
History
CSA Staff
CSA EMEA
Press Releases
News Coverage

Health Information Management

Latest ResearchJoin Group
Managing the Risk for Medical Devices Connected to the Cloud
Managing the Risk for Medical Devices Connected to the Cloud

Download

Research Home
View Working Groups
Contribute
Download Publications
Join this working group
Home
Research
Working Groups
Health Information Management
The healthcare industry faces significant challenges, somewhat unique to other industries. It requires the collection of huge amounts of sensitive data, that pose significantly longer-term risks compared to other industries. Moreover, the data is inherently more attractive to hackers than other types of data that can be accessed and exploited. As a result, there are a cascade of negative impacts to those organizations successfully attacked: there can be significant fines/penalties or legal actions extracted by regulatory agencies such as HHS, FDA and GDPR. 
From a risk perspective, the damages cannot be fully mitigated such as in financial services with credit card cancellation or closed bank accounts. Private patient data can be re-sold, recycled and reused in an endless cycle of fraud and abuse! Without improved and more effective interventions, the outcomes are very predictable. As more sensitive data moves to the cloud, and more cloud providers, the volume of targets will grow and the volume of data will grow exponentially. The Cloud Security Alliance is committed to its continuation of providing research on all aspects of cloud computing including best practices and guidelines for effective security and compliance. 

Health Information Management

The main objective of this working group is to provide direct influence on how health information service providers deliver secure cloud solutions (services, transport, applications and storage) to their clients.
Join Group

Next Meeting

Jan 20, 2021, 11:30AM PST
Join the Meeting


Working Group Leadership

Vincent Campitelli Headshot

Vincent Campitelli

Dr. Jim Angle Headshot

Dr. Jim Angle

Join this working group

Cloud Security Research for Healthcare

CSA Research crowd-sources the knowledge and expertise of security experts and helps address the challenges and needs they’ve experienced, or seen others experience, within the cybersecurity field. Each publication is vendor-neutral and follows the peer review process outlined in the CSA Research Lifecycle. We recommend getting started by reading the following documents.

Telehealth Data in the Cloud

Telehealth Data in the Cloud

In the wake of COVID-19 Health Delivery Organizations (HDOs) are rapidly increasing their utilization of telehealth capabilities like Remote Patient Monitoring (RPM) and telemedicine so treat patients without leaving their home. This paper addresses the privacy and security concerns related to processing, storing, and transmitting patient data in the cloud for telehealth solutions.

Access this report
Managing the Risk for Medical Devices Connected to the Cloud

Managing the Risk for Medical Devices Connected to the Cloud

This paper explains how to manage medical devices based on their proximity to the patient and introduce practices to secure the use of cloud computing for medical devices. The first section describes requirements for purchasing new devices to ensure the identification and mitigation of vulnerabilities prior to implementation. The second section describes how to manage the risk based on the proximity of the device to the patient. 

Access this report
Healthcare Big Data in the Cloud

Healthcare Big Data in the Cloud

In the area of healthcare, big data sharing and analysis can aid in the identification and treatment of diseases as well as predicting epidemics. The use of cloud computing allows for big data analytics and collaboration, but with the use of cloud computing come the challenges associated with security and regulatory compliance. This paper will look at big data and some use cases for big data in healthcare, the impact of big data on healthcare, regulatory requirements for Protected Health Information (PHI) in the cloud, and securing PHI in the cloud. 

Access this report
View All Research

Develop Custom Research with CSA

Work with CSA to develop custom research that aligns with your organizations internal initiatives. Oftentimes there are topics or domains of security that are lacking current best practices or guidance. Ensure your internal initiatives align with the latest developments within the cloud security community by collaborating with CSA. This benefit along with others, are open to CSA Enterprise Members. 



Learn more

Blog Posts

Healthcare Big Data in the Cloud Summary
Read Now
IT and Cyber Security Challenges in Healthcare Industry
Read Now