Skip to main content Skip to footer

The healthcare cloud security paradox

May 3, 2019

A question of mindset

Tradition rules

The public cloud’s fine-grained, "deny by default" positioning greatly enhances security and when consistently applied minimizes the inherent risks of inadvertent malicious access.

Granular and robust

Collective responsibility and a focus on outcomes

1. Take a public cloud-first mindset

Leverage new security practices and capabilities, born in the cloud.

2. Collaborate early across all stakeholders

The CISO is a critical partner in building scalable security capabilities—yet only 21 percent of CIOs have completely aligned their cloud strategies with their CISO.



3. Ensure that you go beyond IT

Draw legal, compliance, vendor management and others into a conversation about why security in the public cloud reduces risk for the organization over time.



4. Empower application owners and developers

Give responsibility for architecting secure public-cloud capabilities and provide pre-approved guardrails so they can integrate security into their development processes easily and at speed.

5. Leverage partners differently

You need public cloud providers with robust policy enforcement and compliance monitoring built for the specific needs and nuances of healthcare/HIPAA.

David Wood

Managing Director, Growth & Strategy Lead – Cloud First

David works with senior executives overseeing IT strategy, business innovation initiatives and large transformation programs.


Kim makes new and complex IT relatable to payer business executives to innovate and improve healthcare.

Visit our Subscription and Preference Center
Follow us: