Government regulation on cloud security may spur SaaS use in health care
Governments may need to tighten the regulatory screws on SaaS vendors to make them be more transparent and forthcoming about their security practices.
Until then, it will be hard for health care companies in particular to fully trust cloud software vendors, according to speakers at the EU-U.S. ehealth Marketplace and Conference in Boston on Wednesday.
Depending on customers to audit cloud vendors to ensure that their security and privacy measures comply with U.S. government regulations on protecting sensitive data is inadequate, one of the speakers said.
“The best we can do right now is a checklist,” said Chris Davis, a Verizon senior architect whose job entails ensuring that the company’s cloud services meet the data security regulations of various national governments. Technology, however, changes rapidly and checklists soon become dated, he said.