[ad_1]
Discover how HealthEdge offers with safety and knowledge privateness within the face of fast enlargement.
The healthcare sector is below fixed assault from cybercriminals. They search to infiltrate programs; expose affected person knowledge, medical information and personally identifiable data; and extort tens of millions of {dollars} in ransom. The Verizon Data Breach Investigations Report went as far as to declare the trade “under siege” because of the extent of its vulnerability downside.
“Healthcare is beset by ransomware gangs and this led to an increase in confirmed data breaches in 2022,” stated Suzanne Widup, a researcher for the Verizon Data Breach Investigation Report. “Healthcare is seen as a soft target where there are a lot of internal errors that lead to vulnerabilities,” Widup added.
The report famous a rise in confirmed knowledge breaches as a result of ransomware encryption in healthcare over the previous couple of years. These assaults are leading to extra knowledge being compromised, greater ransoms being demanded and longer outages being suffered by healthcare suppliers.
Healthcare SaaS-based digital payer platform HealthEdge lives on this difficult surroundings. As effectively as having to take care of hackers, it should adhere to strict legal guidelines and rules reminiscent of HIPAA and quite a few knowledge privateness guidelines. Security and compliance are excessive priorities.
See additionally: A safety component typically neglected by executives
The firm hosts its software program in numerous colocation websites with the variety of websites rising as a result of fast enlargement. In order to behave as accountable stewards of the data entrusted to them by their clientele, HealthEdge makes use of a variety of methods.
HealthEdge’s safety methods
All-flash arrays
The firm made a strategic transfer to transition from onerous disk drive programs to a lot sooner and extra compact flash storage from Pure Storage. These models embrace numerous security measures, together with snapshotting, immutability and clever file indexing that delivers correct model monitoring and recoverability of information.
Previously, HealthEdge had applied a hyper-converged storage platform. These massive cupboards contained storage, compute and networking elements. The cupboards had been pre-engineered to combine intently and ship excessive efficiency. They carried out effectively of their day however now not met the group’s wants, the corporate stated.
Due to an enormous improve in storage capability calls for, the price of including these massive home equipment grew to become prohibitive. It wasn’t potential to only add storage. Users needed to buy the complete field with a predefined quantity of storage, compute energy and networking functionality.
“We were seeing storage capacity growth of 30% or more per year, and these units became expensive to scale,” stated Kendra Rozett McCormick, senior supervisor of datacenter and community operations at HealthEdge. “Maintenance of these boxes was difficult as we were dealing with consistent disk failures and high costs,” McCormick stated.
As effectively as switching to all-flash arrays, the corporate subscribes to its Evergreen program. This offers continuous upgrades to the newest direct flash modules, controllers and software program with out having to interact in disruption by switching out storage arrays.
See additionally: How knowledge governance impacts knowledge safety and privateness
Secure level to circuit
Another safety technique employed at HealthEdge is safe level to circuit. Data transfers are difficult because of the sheer quantity of data and the potential of knowledge loss or a knowledge breach throughout the switch. Thus, HealthEdge stated it determined to improve from conventional VPNs to a devoted point-to-point circuit. As effectively as improved safety, the circuit offers higher efficiency, monitoring and troubleshooting.
Authentication
HealthEdge’s high-speed connectivity answer provides safe consumer authentication through OpenID Connect and/or SAML 2.0 protocols for consumer authentication. These allow prospects to authenticate their customers through a safe Identity Provider. As a end result, delicate credentials are solely despatched on to the client’s IdP.
Payer authentication is delegated to the client’s IdP. This permits purchasers to use their very own password insurance policies independently with out HealthEdge involvement. Multi-factor authentication is included. Users should use two or extra classes of authentication to confirm their identification, reminiscent of a singular token or a biometric.
Single sign-on was arrange as a one-time exercise. Once applied, the identical configuration works seamlessly throughout all the environments that make up a specific well being plan. It encompasses manufacturing, pre-production, check and improvement. SSO accelerates deployments and upgrades and reduces operational prices whereas sustaining safety.
See additionally: A glance into Data Privacy Week, 2023
Network safety
Dedicated circuits arrange a Layer 3 connection level between HealthEdge and buyer knowledge facilities. This connection level serves because the entry level for the devoted circuit and facilitates the switch of information between HealthEdge and consumer infrastructure. To hold it safe, a Network Address Translation IP tackle is required as an endpoint for routing site visitors. This ensures that knowledge is directed accurately between HealthEdge and the client community with excessive efficiency and reliability. To additional improve resilience, an IPsec VPN tunnel can also be established as a passive, redundant connection. In the occasion of the devoted circuit turning into unavailable, the IPsec VPN tunnel acts as a backup, enabling continued knowledge switch.
Disaster restoration
Finally, catastrophe restoration plans are developed for every HealthEdge consumer. These plans are examined and up to date recurrently to make sure they continue to be efficient by the HealthEdge IT safety and compliance workforce. Simulations are executed to establish gaps or weaknesses within the plans, in addition to make sure the plan is per modifications to enterprise operations or IT infrastructure.