Over 80 countries and unions across Europe, Asia, Africa and North America have adopted data privacy and protection laws similar to those in the U.S. However, the information that drives these processes – clinical test results, medical images, patient records, claims data – is highly sensitive. Healthcare and life science stakeholders, therefore, must automate internal and cross-organization workflows while maintaining patient privacy and protecting intellectual property.
Consider the scenario where patient information must be shared among a radiologist, an oncologist and a neurosurgeon who are consulting on a time-critical case. In another scenario, a drug research project may require scientists to share sensitive data such as protocols, test results and confidential clinical information. Although these scenarios are quite different, they highlight the need for a data sharing solution that facilitates expert collaboration while protecting patient confidentiality and stakeholders’ intellectual property.
The healthcare and life sciences vertical is responsible for 76.2 percent of all cloud data loss prevention (DLP) policy violations among the billions of total [cloud] app instances tracked. Fall 2015 Netskope Cloud Report—Netskope, October 2015
ownCloud: Secure, Frictionless Collaboration
ownCloud is a popular file sharing solution for healthcare and life science organizations because it combines ease of use without compromising control over sensitive data. Unlike consumer-grade file sharing services, which store sensitive data on public cloud servers, ownCloud is deployed within an organization’s IT infrastructure. ownCloud integrates seamlessly with every part of the IT fabric – from user directories to security systems to monitoring and back-up services –
ensuring that sensitive data remains under control at all times. Yet it also provides the ease-of-use and mobility needed to streamline healthcare and life science information processes.
A few examples of how ownCloud can be used in healthcare applications include:
File Retention and HIPAA Compliance
ownCloud understands the importance of keeping patient information out of the wrong hands while also being HIPAA compliant. So, because ownCloud lives on your server; if your existing infrastructure is HIPAA compliant, ownCloud does not alter this. And ownCloud enables admins to set document classification rules and then, based on the defined classification, take action to enforce those rules. By leveraging a combination of new system and user tags, admins and users can decide how to classify a document. Further, admins can set policies that determine how long to retain a file based on the classification, and then automatically delete the file at the end of a defined retention period.
Data Infrastructure Modernization
Doctors, researchers and other experts need to share sensitive data internally and with external peers. Examples include patient test results, research findings and confidential clinical information. Some experts need to view data, while others need the ability to enhance raw data with new information, insights and revisions. Email is commonly used today for document sharing, however, it is notoriously insecure, non-compliant and prone to data leakage. Cloud-based file sharing services are convenient, but using them for sensitive data exposes organizations to privacy violations and associated consequences. ownCloud allows all sensitive data to remain securely within an organization’s control, ensuring that only authorized parties can access data. Using ownCloud, healthcare and life science collaborations can be achieved in a secure, compliant, auditable manner.
Mobile Physician Knowledge Base
Dividing time between office hours, hospital procedures, ER duties, teaching commitments and other activities, doctors are constantly on the move. They are among the most active users of mobile devices. Recognizing this trend, hospitals, group practices and clinics are moving quickly to consolidate libraries of medical information so it can be shared across their growing physician networks. Timely access to research can be the difference between life and death in critical care situations, and improves all forms of patient interaction and care. Importantly, many doctors must have the ability to annotate available research with new treatment anecdotes to provide their peers with updated field information. ownCloud is the perfect platform for building a mobile physician knowledge base. It allows medical teams to quickly amass searchable research libraries, authorize individuals and groups to access portions (or all) of that content, and control who can edit specific documents. Importantly, ownCloud also allows sensitive patient and practice data to be comingled with research without compromising data security and HIPAA compliance. All content is available on physicians’ smart phones, tablets and desktop systems at the push of a button. Using ownCloud, doctors can improve patient care and save lives by sharing critical care content from anywhere, any time.
Security, Control, Auditability
Healthcare stakeholders need to share sensitive data with the confidence of knowing it is only available to authorized parties. Further, organizations need to control each party’s rights (view, download, update, etc.) and audit how and when data has been accessed. Traditional file sharing approaches are cumbersome at best and insecure at worst. And cloud-based file sharing services raise many questions about compliance with HIPAA and other regulations. ownCloud overcomes these limitations with a file sharing solution that runs on premises. ownCloud is designed from the ground up to integrate with existing directory, security and rights management systems, ensuring that data governance policies are enforced end-to-end. ownCloud’s flexible logging features provide auditors with detailed visibility into all data access activities.
Learn more about why many healthcare and life science organizations are choosing on-premises file access solutions like ownCloud. Learn more