Data Security and Privacy Assurance Considerations in Cloud Computing for Health Insurance Providers

摘要

Cloud computing has been massively adopted in healthcare, where it attracts economic, operational, and functional advantages beneficial to insurance providers. However, according to Identity Theft Resource Centre, over twenty-five percent of data breaches in the US targeted healthcare. The HIPAA Journal reported an increase in healthcare data breaches in the US in 2016, exposing over 16 million health records. The growing incidents of cyberattacks in healthcare are compelling insurance providers to implement mitigating controls. Addressing data security and privacy issues before cloud adoption protects from monetary and reputation losses. This article provides an assessment tool for health insurance providers when adopting cloud vendor solutions. The final deliverable is a proposed framework derived from prominent cloud computing and governance sources, such as the Cloud Security Alliance, Cloud Control Matrix (CSA, CCM) v 3.0.1 and COBIT 5 Cloud Assurance.