Issue link: http://cp.revolio.com/i/915954
14 | THE DATA CENTER JOURNAL www.datacenterjournal.com tinue to threaten health-care organi- zations, IT departments are striving to cover as much ground as possible. But keeping up with security oen results in the need to stop routine, but critical, operations and respond to an alarm. Cybersecurity is increas- ingly important, but many organiza- tions find it difficult to adequately address given budget constraints, an industrywide security-talent shortage and the limited resources of current security teams. So how can health- care organizations improve their security posture? First, they should consider working with a trusted partner to help address increasing workloads. Although the industry was initially slow to adopt cloud technology and outside service providers, many health-care leaders are employing security services from well-qualified service providers to strengthen their security posture. According to a re- cent study of 157 health-IT decision makers from Peak 10 + ViaWest, the top third-party services are antivirus (89 percent), email and web security (85 percent), and firewall (81 per- cent), with encryption and security assessments closely following. changing regulaTions According to the same study, 67 percent of health-IT leaders expect their IT budgets to increase in the next two years. But resources are still strained because of pressure to re- main compliant—new regulations are constantly crossing lines and current regulations are always undergoing adjustment. Although the health-care system is working toward a more unified resolution, we still have a long way to go and can anticipate uncertainty for the foreseeable future. Continuously updating your IT envi- ronment to meet shiing compliance requirements is expensive and time consuming—especially for IT teams looking to spend their time on other high-priority projects. To address changing compliance requirements, organizations should focus on the fundamentals of infor- mation security: • Confidentiality—prevent the disclosure of information to unauthorized individuals. • Integrity—data cannot be modified undetectably. • Availability—information can be accessed when needed. cloud user adopTion Health-care organizations are now open to outsourcing via cloud and colocation, aiming to take ad- vantage of the improved operational efficiency and cost reduction that those services allow. In the past, they were slow to adopt outside services, owing largely to security concerns (especially breaches). at's an area where cloud-based solutions can help in many cases. Eighty percent of participants in the aforementioned health-care study cited security and data privacy as their top concerns in moving to the cloud. How can health-care organiza- tions (especially those weary security and compliance teams) be strategic about cloud adoption? Make a plan with a clear goal. Moving to the cloud should be part of a more comprehen- sive strategy to reach the institution's broader goals. consolidaTion Brings inTegraTion challenges Consolidation and mergers are driving IT priorities. Consolidations of hospitals—as well as vendors and applications—are major drivers for technology-delivery models, and it's happening everywhere. One result is tremendous pressure on people, capi- tal, hospital systems and the infra- structure behind the systems refresh of a health-care organization. looking ahead Health-care organizations must prioritize the security and availability of their IT infrastructure. More of them will update legacy applications and move where their IT infrastruc- ture resides. Many will take a hybrid IT approach, employing a mix of on- premises and cloud solutions. Most of those organizations will assess out- sourcing their colocation, disaster- recovery or application workloads within the next two years, meaning they'll have a mix of cloud, colo and on-premises IT solutions to handle, house and secure their IT operations. Later, innovations in nanotechnol- ogy, wireless connectivity and sensor miniaturization will become more common in the health-care industry as well. Health-care organizations must devote a considerable portion of their budget to updating, running and pro- tecting their IT. If not, they risk the health of both their technology and their patients. Now more than ever, health-IT leaders must recognize the importance of technology and IT infrastructure to health-care opera- tions. IT is now a driver of the orga- nization's overall business strategy and a large factor in its revenue. With the power to make a lasting financial impact on the business, health-care CIOs now have a seat at the executive table. Technology is transforming health-care organizations from the inside out, and IT leaders need to stay on top of changing tides. n about the author: David Kidd is VP of Governance, Risk and Compliance at Peak 10 + ViaWest.