Purpose: To discuss the critical security components required to counter cyberattacks on healthcare systems in the cloud.
Methods: We report some security best practices for patient data protection in large-scale, enterprise-level healthcare-analytics platforms.
Results: Healthcare information is now typically stored on cloud servers and accessed through Internet or intranet services anywhere within the enterprise, greatly facilitating patient care. However, such convenience also brings security concerns that require the following:
User Authentication: Single Sign-On (SSO) helps identify users, permits service access, and provides an authentication flow that grants access without storing credentials (e.g. OpenID, OAuth, SAML). Various health data services may accept only one form of SSO token and may require conversion, if supported.
Access Control: Users must not gain access to all information stored within the core service or connected services. Approaches include Role-Based and Attribute-Based Access Control, among others.
Secrets Protection: Any cloud-based service must use sensitive values such as passwords, access tokens, and encryption keys, which must never appear in accessible locations. Internal services should access these values from encrypted, secure storage services like AWS secured S3 buckets or Secrets Manager.
Log Sterilization: Logs ensure smooth operation of cloud services but might include sensitive information. Careful removal of sensitive values from logs and audits represents an ongoing effort. Although it is mostly manual, some logging systems (e.g. Logstash) feature sterilization tools.
Minimal Permissions: Each cloud system component should be permitted to perform only its specific tasks, to minimize potential improper-access damage from interoperable data services and FHIR-based communications. The permission system is specific to each cloud hosting the service (e.g. AWS IAM).
Conclusion: To maintain privacy and data fidelity, cloud data services must demonstrate robust security and responsiveness to changing threats. This can be achieved by more frequent and explicit communication on best practices for medical data protection.
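The Log Sterilization item above can be partly automated at the point where log records are emitted. The following Python sketch is an added example, not code from the authors or their platform; the pattern list, the `MRN` identifier format, and the names `sterilize`, `SterilizingFilter` and `build_handler` are assumptions chosen for illustration.

```python
import logging
import re

# Illustrative patterns only (assumptions); a real deployment maintains its own list.
REDACTIONS = [
    # OAuth / OpenID Connect bearer tokens in request or header dumps
    (re.compile(r"(?i)\b(bearer)\s+[A-Za-z0-9._~+/=-]+"), r"\1 [REDACTED]"),
    # key=value, key: value and JSON-style "key": "value" secrets
    (re.compile(r'''(?i)\b([\w-]*(?:password|secret|token|api[_-]?key))'''
                r'''(["']?\s*[=:]\s*["']?)[^\s"',;&]+'''), r"\1\2[REDACTED]"),
    # AWS access key IDs (long-term AKIA and temporary ASIA prefixes)
    (re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"), "[REDACTED_AWS_KEY_ID]"),
    # Hypothetical medical record number format: "MRN" followed by 6-10 digits
    (re.compile(r"\bMRN[-:]?\s*\d{6,10}\b"), "[REDACTED_MRN]"),
]


def sterilize(text: str) -> str:
    """Apply every redaction pattern, in order, to one log message."""
    for pattern, replacement in REDACTIONS:
        text = pattern.sub(replacement, text)
    return text


class SterilizingFilter(logging.Filter):
    """Redacts the fully rendered message, so values passed as %s args are covered."""

    def filter(self, record: logging.LogRecord) -> bool:
        record.msg = sterilize(record.getMessage())
        record.args = None  # message is already rendered; prevent re-formatting
        return True


def build_handler() -> logging.Handler:
    # Attach the filter to the handler so records from every logger that
    # reaches this handler are sterilized before they are written.
    handler = logging.StreamHandler()
    handler.addFilter(SterilizingFilter())
    return handler
```

Pattern-based redaction only catches the formats it knows about, which is why the manual review the abstract describes remains necessary.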