Guest author: Karen Burton, Healthcare Business Development Manager
Medical records and healthcare information are among the most sensitive data in the IT world, so it’s comes as no surprise that healthcare organizations are hesitant to outsource technology services. As the benefits of moving to a cloud-based infrastructure become more and more clear, IT leaders in healthcare are weighing their options and exploring outsourcing opportunities. Here are three important pieces to consider when shopping for managed services:
1. Internal security threats
The buzz surrounding the security of healthcare information is usually linked to external leaks – but the reality is that a security breech has the same potential to occur internally. It’s critical to know who has access to sensitive data. When doing research, know which questions to ask.
- Which employees can access private information?
- What type of screening process have employees gone through?
- How have employees been deemed trustworthy to access sensitive data?
Shutterstock/Oleksiy Mark 1
2. Disaster recovery plans
All organizations’ data bases – regardless of the sensitivity of the data – should have some type of security measures in place. For healthcare organizations, it goes beyond initial security. Be proactive and learn the ins and outs of back up plans.
- How are back up data bases accessed?
- Can it be done securely with minimal risk?
- How is the security plan tested – and how often?
3. Other companies using the same services
When using an outsourced company for cloud services, your data may be housed with additional companies’ data – which might open up the risk of spreading malware. Learn as much as you can about how other clients manage their IT security.
- What precautions are taken to ensure malware isn’t spread among clients?
- Are other clients properly trained on best practices for security?
Patients trust the organizations from which they obtain medical services. Healthcare organizations need to be able to trust their IT service providers.
What other information should organizations consider before partnering with an IT service provider?