Data privacy and protecting patient data is a major concern for hospitals that is why bulletproof storage needs to be implemented.
BEST OF BREED
The healthcare industry is a perfect example of digital transformation in action. For many years now we have heard of the transition from analog to digital medical images for a wide variety of “ologies” starting with radiology (MRI, CT-Scan, X-Ray) and now evolving toward cardiology, pathology and more. Healthcare software companies such as Sectra Healthcare are leading the way in providing a comprehensive suite that supports these various -ologies under the umbrella of Enterprise Image Management (EIM). EIM provides a common framework for doctors to access applications and their associated medical images, as well as providing a shared platform for insurance providers and patients. The trend in hospitals is toward this integrated platform approach, due to the significant benefits in unified access, standardization, and lowered operational and management costs. Open access to additional “best of breed” imaging applications is still assured through Vendor Neutral Archives (VNA) applications that can provide image sharing using standardized image formats (typically DICOM).
DATA PRIVACY AND PROTECTION
We all know that data privacy and protecting patient data is a major concern for hospitals. These privacy concerns have wide ramifications on security practices, personnel, and the underlying technologies storing, managing and processing patient data. It doesn’t help that the healthcare industry has become a major target for malicious actors due to the fact that stolen health credentials can be worth 10 to 20 times more than credit card information on the black market. A few reports demonstrate the risk:
- FortiGuard Labs reports that during the last year, the healthcare industry saw an average of 32,000 intrusion attacks per day.
- Breaches over the past year have increased every quarter, with 4.39 million medical records exposed in Q3 alone.
Even with HIPAA requirements, many (or even most) hospitals do not have core competencies in security practices or technology solutions. This is one reason why the trend toward EIM is occurring: EIM creates a common platform for user identity and access management (commonly referred to as IAM) across all of the various -ologies, that can eliminate the variables that would be introduced in a multi-vendor, best-of-breed approach.
SOLUTIONS AND BENEFITS
While storage is only one layer in the technology stack (apps, servers, networks, storage), it does make sense for healthcare customers to consider scale-out storage solutions that provide the same benefits as their imaging application platforms:
- Scale-out storage can grow across multiple -ologies, and support image storage requirements from 100’s of Terabytes to dozens of Petabytes (and beyond).
- The storage security model is common across the EIM and its applications: this includes storage user identity and access management.
- In Scality RING, for example, we provide a common IAM framework based on the AWS cloud model for managing multiple application domains, users, groups of users, and access control policies to prevent unauthorized access and integration with the industry’s most popular security frameworks including Microsoft Active Directory
- Storage authentication based on highly secure private/public keys, and secure network connections to storage over HTTPS.
- Data-at-rest encryption provides the ability to store patient images in best-practices AES-256 bit encryption, with the integration of leading key management systems (KMS).
Scality RING provides a proven, secure and always-on storage infrastructure that can map to the needs of hospitals for medical imaging applications, and has been deployed in leading private, public and university hospitals with all of the leading PACS and VNA solutions. Learn more about Scality’s solutions for medical imaging and read some of our customer success stories.