Your keys to safer, even more secure healthcare cloud services
In my last HealthBlog post, I made the case that we need to focus more on simplicity in healthcare and health IT. Simplicity should be the watchword for solutions in 2015. Thus far, many technology, business and delivery system solutions in the healthcare sector seem to be making life harder instead of better. Isn’t technology supposed to help set us free?
I think cloud computing and storage falls into the category of something that should make health IT solutions better, more scalable, easier to manage, easier to use, and less costly. Now, I’ll admit that when the world first started talking about cloud computing for healthcare, I was a bit of a skeptic. However, I also know that both IT leaders and clinicians have long been seeking solutions that don’t take a basement full of servers and a large staff of IT professionals to manage. “Plug and Play” is a much better strategy for healthcare if you can find it. For that reason alone, health customers around the world have been migrating more and more of their IT to the cloud. The cloud delivers greater simplicity and helps lower costs.
Of course in healthcare, especially where personally identifiable health information is at play, you can’t just focus on simplicity without paying a whole lot of attention to privacy and security. If anything keeps healthcare organizations at distance from considering public cloud solutions for their IT needs, it is concerns about that. Many of those concerns can be addressed by working with IT providers that are fully HIPAA aware and willing to sign Business Associate Agreements (BAA) with their clients. But I think health organization IT leaders are seeking even more assurance than that when they turn over their precious data for safe keeping with a public cloud services provider. They are also seeking world-class tools to help manage the services and data they are trusting to the cloud. That’s why today’s announcement from Microsoft is good news for hospitals and health organizations. Forgive me if this is a bit techie, but I know IT professionals will fully appreciate the news about something we are calling Azure Key Vault.
Azure Key Vault helps customers safeguard and control keys and secrets using a Hardware Security Module (HSM) appliance in the cloud, with ease and at cloud-scale. Key Vault can be configured in minutes, without the need to deploy, wait for, or manage an HSM and has a single programming model across HSM-protected and software-protected keys.
This makes it easier and more economical for customers to encrypt sensitive data, sign certificates, and safeguard secrets in the cloud. For example, with Key Vault, customers can easily encrypt a SQL Server Virtual Machine with TDE (Transparent Data Encryption) using the SQL Server Connector available for Key Vault. Furthermore, customers can deploy an encrypted Virtual Machine with CloudLink SecureVM with the master keys in Key Vault.
So, there you have it. One more reason for hospitals and healthcare systems to turn to the cloud to simplify what they do and help IT departments focus more on their organization’s core business (patient care) and less on projects to maintain complex IT infrastructure and storage. For those of you reading this who don’t mind a technical deep-dive, see this blog post for more in-depth technical information: http://blogs.technet.com/b/kv/archive/2015/01/08/azure-key-vault-making-the-cloud-safer.aspx
Bill Crounse, MD Senior Director, Worldwide Health Microsoft