Jeremy Windmiller

How Many of the Top 50 Cloud Services Are a Concern in Healthcare?

Yesterday, CiteWorld had an article entitled “Here are the top 50 cloud services your employees are using every day”.  For those in healthcare IT, do you know how many of these are a security concern?  Let’s do a quick review to see how many pass.

Will Agree to Master Agreement that Covers HIPAA

  • Microsoft Office365 (productivity and file-sharing)
  • Netsuite (financials)
  • Rackspace Cloudfiles (online storage and file sharing)
  • Salesforce (CRM)
  • Skype (videoconferencing)
  • Spiceworks (IT discussion and answers group)
  • Symantec Brightmail (email filtering)
  • Verisign Geotrust (SSL certificates)

 Won’t Agree to Master Agreement that Covers HIPAA

  • 4shared (file-sharing)
  • Apple iCloud (file-sharing)
  • Amazon Web Services (hosted computing platform for web apps)
  • Amazon S3 (hosted data storage for web apps)
  • Box.net (file-sharing)
  • Dropbox (file-sharing)
  • Evernote (note-taking)
  • Google mail (email)
  • Google Apps (productivity and file-sharing)
  • Hotmail (email)
  • Intuit Quickbase (financials)
  • Prezi (presentations)
  • Screencast (file sharing)
  • Slideshare (presentations)
  • Snapfish (digital photo printing)
  • Sugarsync (file sharing)
  • Yousendit (file-sharing)
  • Xobni (email management)

 Should be Limited to Specific Groups/Uses

  • Facebook (social network)
  • Google Analytics (web analytics)
  • LinkedIn (social network, recruiting)
  • Disqus (comments)
  • Twitter (social network)
  • Marketo (marketing automation)
  • Flickr (photo-sharing)
  • AOL (content, communications)

 Consumer Solution that Should be Used at Home

  • Carbonite (backup)
  • EMC Mozy (backup)

 Unable to Determine

  • Addthis (social bookmarking)
  • Constant Contact (email list management)
  • Docusign (document signing)
  • New Relic (web application performance management)
  • Olark (live chat with customers)
  • Oracle RightNow (customer service)
  • Oracle Taleo (talent management)
  • Pagerduty (online IT dispatching)
  • Sliderocket (presentations)
  • Typekit (font embedding)
  • Workday (HR and financials)

Applications on Site May Be in Violation

  • Bitbucket (code management)
  • Github (code management)
  • Sourceforge (code management)

 No big surprise that most of these “cloud” services don’t meet the security regulation required by healthcare.