Uncover how HealthEdge offers with safety and knowledge privateness within the face of speedy enlargement.
The healthcare sector is underneath fixed assault from cybercriminals. They search to infiltrate methods; expose affected person knowledge, medical data and personally identifiable data; and extort hundreds of thousands of {dollars} in ransom. The Verizon Information Breach Investigations Report went as far as to declare the trade “underneath siege” as a result of extent of its vulnerability downside.
“Healthcare is beset by ransomware gangs and this led to a rise in confirmed knowledge breaches in 2022,” stated Suzanne Widup, a researcher for the Verizon Information Breach Investigation Report. “Healthcare is seen as a delicate goal the place there are plenty of inner errors that result in vulnerabilities,” Widup added.
The report famous a rise in confirmed knowledge breaches as a consequence of ransomware encryption in healthcare over the previous couple of years. These assaults are leading to extra knowledge being compromised, greater ransoms being demanded and longer outages being suffered by healthcare suppliers.
Healthcare SaaS-based digital payer platform HealthEdge lives on this difficult atmosphere. In addition to having to cope with hackers, it should adhere to strict legal guidelines and laws similar to HIPAA and quite a few knowledge privateness guidelines. Safety and compliance are excessive priorities.
See additionally: A safety ingredient typically ignored by executives
The corporate hosts its software program in numerous colocation websites with the variety of websites rising as a consequence of speedy enlargement. With a purpose to act as accountable stewards of the knowledge entrusted to them by their clientele, HealthEdge makes use of various methods.
HealthEdge’s safety methods
All-flash arrays
The corporate made a strategic transfer to transition from onerous disk drive methods to a lot sooner and extra compact flash storage from Pure Storage. These items embody numerous safety features, together with snapshotting, immutability and clever file indexing that delivers correct model monitoring and recoverability of recordsdata.
Beforehand, HealthEdge had applied a hyper-converged storage platform. These giant cupboards contained storage, compute and networking parts. The cupboards have been pre-engineered to combine intently and ship excessive efficiency. They carried out properly of their day however not met the group’s wants, the corporate stated.
Due to an enormous enhance in storage capability calls for, the price of including these giant home equipment grew to become prohibitive. It wasn’t potential to only add storage. Customers needed to buy your complete field with a predefined quantity of storage, compute energy and networking functionality.
“We have been seeing storage capability progress of 30% or extra per 12 months, and these items grew to become costly to scale,” stated Kendra Rozett McCormick, senior supervisor of datacenter and community operations at HealthEdge. “Upkeep of those bins was troublesome as we have been coping with constant disk failures and excessive prices,” McCormick stated.
In addition to switching to all-flash arrays, the corporate subscribes to its Evergreen program. This offers continuous upgrades to the newest direct flash modules, controllers and software program with out having to have interaction in disruption by switching out storage arrays.
See additionally: How knowledge governance impacts knowledge safety and privateness
Safe level to circuit
One other safety technique employed at HealthEdge is safe level to circuit. Information transfers are difficult as a result of sheer quantity of data and the potential for knowledge loss or a knowledge breach through the switch. Thus, HealthEdge stated it determined to improve from conventional VPNs to a devoted point-to-point circuit. In addition to improved safety, the circuit offers higher efficiency, monitoring and troubleshooting.
Authentication
HealthEdge’s high-speed connectivity resolution presents safe person authentication by way of OpenID Join and/or SAML 2.0 protocols for person authentication. These allow clients to authenticate their customers by way of a safe Id Supplier. Because of this, delicate credentials are solely despatched on to the client’s IdP.
Payer authentication is delegated to the client’s IdP. This enables purchasers to use their very own password insurance policies independently with out HealthEdge involvement. Multi-factor authentication is included. Customers should use two or extra classes of authentication to confirm their identification, similar to a novel token or a biometric.
Single sign-on was arrange as a one-time exercise. As soon as applied, the identical configuration works seamlessly throughout all the environments that make up a selected well being plan. It encompasses manufacturing, pre-production, check and growth. SSO accelerates deployments and upgrades and reduces operational prices whereas sustaining safety.
See additionally: A glance into Information Privateness Week, 2023
Community safety
Devoted circuits arrange a Layer 3 connection level between HealthEdge and buyer knowledge facilities. This connection level serves because the entry level for the devoted circuit and facilitates the switch of knowledge between HealthEdge and consumer infrastructure. To maintain it safe, a Community Handle Translation IP handle is required as an endpoint for routing site visitors. This ensures that knowledge is directed appropriately between HealthEdge and the client community with excessive efficiency and reliability. To additional improve resilience, an IPsec VPN tunnel can also be established as a passive, redundant connection. Within the occasion of the devoted circuit turning into unavailable, the IPsec VPN tunnel acts as a backup, enabling continued knowledge switch.
Catastrophe restoration
Lastly, catastrophe restoration plans are developed for every HealthEdge consumer. These plans are examined and up to date commonly to make sure they continue to be efficient by the HealthEdge IT safety and compliance group. Simulations are accomplished to establish gaps or weaknesses within the plans, in addition to make sure the plan is in keeping with adjustments to enterprise operations or IT infrastructure.
