Reduce Admissions and SAVE with Analytics – Transform Your Healthcare Enterprise with Data Analytics (Part 3)

Healthcare data analytics has great potential to enhance an organization’s performance. Decision makers for healthcare providers are considering data analytics to reduce their increasing costs and bolster the healthcare provided to patients/consumers. 80% of providers are able to improve patient care and 60% of providers reported reduced readmissions after adopting data analytics.

In the previous two posts, we described how healthcare providers benefit with data analytics. In this post, we will provide a few tips for how healthcare organizations can adopt data analytics without any hassle. But first, it’s better to discuss the challenges organizations are facing for analytics adoption.

Continue reading →

Transform Your Healthcare Enterprise with Data Analytics (Part 2)

Because of intense competition, healthcare providers and organizations are forced to look for ways to enhance outcomes for consumers and patients, while simultaneously reducing costs. Healthcare organizations generate massive amounts of data and because the data is a key factor to identifying the areas where an organization needs improvement, organizations need techniques such as data analytics to gather data together and analyze it for better outcomes.

With data analytics, a proliferating number of organizations are transforming themselves to becoming data-driven in recent years. Analytics may be descriptive, predictive, or prescriptive (an overview of them was discussed in the previous post). In this post, we discuss how healthcare providers can use data analytics to achieve their organizational goals such as cost reduction, clinical decision support, better care coordination, patient wellness improvement, and fraud prevention.

Continue reading →

Transform Your Healthcare Enterprise with Data Analytics

 

Healthcare organizations are dealing with issues such as reducing costs and bolstering productivity when they intend to enhance patient care. Over the past few years the way healthcare has been delivered by providers has been changing drastically to enhance patient-provider relationships. Increasing access to social media and mobile technologies has also changed the way patients receive healthcare from providers.

Why must you transform your healthcare enterprise to become data driven?

Let’s go over how health care was provided in the past – when you get sick, you visit the doctor and he/she prescribes medication and you use the medicine for a few days. It’s okay if you recover, otherwise you visit the doctor again and another medicine is prescribed and used. Look at the suffering you go through and how lousy and uncomfortable the process is.

Now, with data analytics your doctor can provide you with personalized treatment with an analysis of your health history and other mitigating factors. You receive the right treatment at the earliest possibility without the lousy procedures.

To deliver personalized healthcare, organizations in the U.S. are transforming themselves to become data-driven with data analytics. It is a patient centric and value-based approach that delivers enhanced healthcare. Organizations must know the value of their data and consider it an asset to make their services more patient-centric. Healthcare providers must become data driven to survive in the industry.

Continue reading →

Cloud Security Issues and Solutions – A Preparation to Offset Cloud Security Risks (Part 3)

Cloud computing is a service that goes beyond server virtualization technology. In the last post, I have shared my thoughts on possible solutions to the ensure security of your data in the SaaS cloud service delivery model. In this post, I would like to uncover PaaS and IaaS cloud service delivery model security issues and solutions.

PaaS security issues and possible solutions:

The PaaS model is similar to SaaS with the only difference being that your cloud service provider offers an application development environment instead of a server deployment environment to run an application. You can run applications pertaining to your business requirements using a provided compliant development tool. Either a web-based or an enterprise network development environment is used to develop an application with the technical code blocks provided by your cloud service provider.

If you choose the PaaS model, then you may have to find ways to manage data security issues, authentication, access and authorization issues, as well as, working with distributed applications.

Authentication, Access, and Authorization (AAA) issues:

You have to share the PaaS cloud development environment with other customers of your provider. So, efficient authentication, access control, and authorization frameworks should be deployed by your provider to ensure the separation of every customer.

Whatever attacks you encounter with non-cloud environments, the same kind of attacks such as phishing and impersonation are possible with cloud development environments. As the application development authentication, access control and authorization are under cloud service providers, most organizations drop the proposal of moving to the cloud.

You have to judge your PaaS cloud service provider’s authentication, access control and authorization framework efficiency by estimating the level of security provided to your application in the cloud.  You need to ask questions about the mechanism used to authenticate usernames and passwords, how data is accessed, and about their application-based authorization verification mechanisms.

Possible solutions to address AAA issues are –

• Your PaaS provider should address password complexity requirements.
• For effective identity management, end to end encryption is essential. Your provider should use cryptographic hashing mechanisms.
• Role-based user accounts authorization framework can enable users to access control the application as per their role. So, modifications and data access control at the application level can be assigned to a specific role and protected with stringent authorization permission.

Data Security:

An application needs data that is not encrypted to process it. To secure data in the cloud, it is encrypted and stored, so the level of data security is reduced in the cloud when a PaaS application processes it. The possible solution is not moving sensitive business data or at least not allowing it to be processed by the PaaS application.

Distributed applications:

Though cloud provides scalability and agility, the distributed applications that are intended to move to the cloud should be tuned to tackle design and security issues. Working with distributed applications within the enterprise network environment is simple, but when migrated to the cloud they can become hard to manage if they are not synchronized to the cloud environment.

IaaS security issues and possible solutions:

IaaS cloud service delivery model provides computing infrastructure on an outsourced basis to organizations to perform business operations. Depending whether you choose a public cloud or private cloud, IaaS security issues vary. With a private cloud, you can access, control and manage computers, as well as the network and storage infrastructure. With a public cloud, you can only manage virtual machines and the services you create on them.

For both private and public cloud, there are certain security issues that you should consider.

Data Leakage:

When the IaaS model is deployed in a public or hybrid cloud, it can encounter data leakage issues and you can manage them by creating a transparent process that expounds who can access the data and what happens after it is accessed.

Authentication and Authorization:

Robust authentication and authorization frameworks can ensure effective Data Loss Prevention. You need to ask your cloud service provider to implement a two-factor or multifactor authentication process to access the critical data.

End to End Logging and Reporting:

A comprehensive range of logging and reporting methods are required when you want to deploy IaaS in private, public and hybrid clouds effectively. With robust logging and reporting mechanisms, you can track where your data is stored, how the data is accessed, and which virtual machines monitor and store the data.

End to End Encryption:

To prevent offline attacks, you need to encrypt complete information that moves to the cloud. You need to even encrypt communications between virtual machines and other resources in the IaaS cloud computing infrastructure.

Information security is a major consideration for cloud adoption. You transform your business to a secure cloud environment by choosing a provider who can deploy security features in the cloud. You need to ask your cloud service provider tough questions with the knowledge you gleaned from these posts. You also need to ask about data location, technologies used and compliance to industry standards.

Sudhakar Goverdhanam
CEO Prime Technology Group LLC

Cloud Security Issues and Solutions – A Preparation to Offset Cloud Security Risks (Part 2)

 

Cloud computing has drawn the attention of companies belonging to distinct verticals such as healthcare, insurance, finance and banking. It reduces IT expenses and improves an organization’s operational efficiency; however, there are significant security issues for data in the cloud. The uncertainty of the level of security to data in the cloud could be a concern to many organizations. It is important for companies to learn as much as they can about cloud security as they being to transfer their organizations to the cloud.

The three cloud service delivery models – SaaS, PaaS and IaaS, have their own level of benefits and security issues. In this post, security concerns that make organizations uncomfortable about adopting SaaS are uncovered and possible solutions are discussed.

Using the internet as a medium, users or customers can access applications hosted in the cloud remotely.  With SaaS, you enable your customers to access your business applications through a browser or a mobile app. You can call it a web-based model and your IT services company manages everything, from databases to application upgrades, saving you time and costs on IT operations.

The SaaS delivery model is gaining popularity as it enables enterprises to meet their IT needs. It can deliver the same level of robust functionality of on-premise systems for small to medium businesses, but it still needs to become more efficient in terms of offerings and solutions for a large organization’s complex business requirements.

Though the majority of companies have transferred their business operations to the cloud, there are companies that are still uncomfortable with SaaS and their reason is the lack of visibility of data being stored in the cloud. Your IT services company’s efficiency can alleviate these security concerns. However, there is something you can do to minimize the issues.

• All SaaS cloud based applications are accessed using private user credentials. Your inefficient password management gives makes it possible for hackers to gain access to your data in the cloud. Creating strong passwords, using phrases, and changing them often is best practice.
• An application passes information between client and server with a protocol before a user accesses it. If insecure protocols such as FTP, IMAP, POP and others are used, then the possibility of your data being insecure is high. So, you should ask your IT services company whether they are using secure protocols such as FTTPS or HTTPS.
• Your provider may allow the cloud users to extend the application. Proper training on API is required to do that, otherwise security issues can occur.

Before you choose to invest in cloud computing, you should perform proper research on the service to try to learn as much as possible about the cloud service provider and how can they overcome security issues such as data security, data control, and data location.

Data Security: In the SaaS model, the cloud obtains susceptible data from enterprises. SaaS application processes the data obtained and stores it at the provider end. So, your provider should use proper security principles and standards for security issues. The data that flows across the network should always be protected using strong network traffic encryption techniques. You should check with your provider about the techniques and strategies to use, to minimize the security risks.

Data Control: You will have no idea how your IT services company controls and secures your data in the cloud, so you should know the backup procedures that are applied during worst case scenarios. The Service Level Agreement contract from your IT service company should include backup solutions.

Data Location: As per the USA Federal Information Security Management Act, data should be stored within the geographic location of the country. Data in web-based applications can move dynamically, so your provider should ensure that their SaaS solutions adhere to standard security procedures.

Here are a few additional points:

• Your provider should use secure SaaS deployment that ensures mitigation of data security issues. Applications should be deployed in a cloud with strong deployment configurations.
• Your provider should conduct regular application and network vulnerability assessments.
• Your provider should conduct regular GRC audits to conform to local government regulations regarding sensitive data storage.

 

Sudhakar Goverdhanam
CEO Prime Technology Group LLC