Loading…
Organizational and Technical Security Considerations for Laboratory Cloud Computing
Clinical and anatomical pathology services are increasingly utilizing cloud information technology (IT) solutions to meet growing requirements for storage, computation, and other IT services. Cloud IT solutions are often considered on the promise of low cost of entry, durability and reliability, sca...
Saved in:
| Published in: | The journal of applied laboratory medicine 2023-01, Vol.8 (1), p.180-193 |
|---|---|
| Main Author: | |
| Format: | Article |
| Language: | English |
| Subjects: | |
| Citations: | Items that this one cites |
| Online Access: | Get full text |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| cited_by | |
|---|---|
| cites | cdi_FETCH-LOGICAL-c248t-eaf3f0e5a2602b387812083e966172782432f91b46b1779c0dfd25bf652f40bc3 |
| container_end_page | 193 |
| container_issue | 1 |
| container_start_page | 180 |
| container_title | The journal of applied laboratory medicine |
| container_volume | 8 |
| creator | Krumm, Niklas |
| description | Clinical and anatomical pathology services are increasingly utilizing cloud information technology (IT) solutions to meet growing requirements for storage, computation, and other IT services. Cloud IT solutions are often considered on the promise of low cost of entry, durability and reliability, scalability, and features that are typically out of reach for small- or mid-sized IT organizations. However, use of cloud-based IT infrastructure also brings additional security and privacy risks to organizations, as unfamiliarity, public networks, and complex feature sets contribute to an increased surface area for attacks.
In this best-practices guide, we aim to help both managers and IT professionals in healthcare environments understand the requirements and risks when using cloud-based IT infrastructure within the laboratory environment. We will describe how technical, operational, and organizational best practices that can help mitigate security, privacy, and other risks associated with the use of could infrastructure; furthermore, we identify how these best practices fit into healthcare regulatory frameworks.Among organizational best practices, we identify the need for specific hiring requirements, relationships with parent IT groups, mechanisms for reviewing and auditing security practices, and sound practices for onboarding and offboarding employees. Then, we highlight selected specific operational security, account security, and auditing/logging best practices. Finally, we describe how individual cloud technologies have specific resource-level security features.
We emphasize that laboratory directors, managers, and IT professionals must ensure that the fundamental organizational and process-based requirements are addressed first, to establish the groundwork for technical security solutions and successful implementation of cloud infrastructure. |
| doi_str_mv | 10.1093/jalm/jfac118 |
| format | article |
| fullrecord | <record><control><sourceid>proquest_cross</sourceid><recordid>TN_cdi_proquest_miscellaneous_2761984313</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>2761984313</sourcerecordid><originalsourceid>FETCH-LOGICAL-c248t-eaf3f0e5a2602b387812083e966172782432f91b46b1779c0dfd25bf652f40bc3</originalsourceid><addsrcrecordid>eNo9kDtPwzAURi0EolXpxowyMhDqV2xnRBUvKVKHltlyHLu4SuJiJ0P59bi0MN376R59ujoA3CL4iGBJFjvVdoudVRohcQGmmPIi55iiy7QXnOUlLdgEzGPcQQiRwIwReA0mhDEEKS6nYL0KW9W7bzU436s2U32TbYz-7J1OaW30GNxwyJa-j64x4ReLmfUhq1TtU_YhXVs_Nonp9uPg-u0NuLKqjWZ-njPw8fK8Wb7l1er1fflU5RpTMeRGWWKhKRRmENdEcIEwFMSU6TmOucCUYFuimrIacV5q2NgGF7VlBbYU1prMwP2pdx_812jiIDsXtWlb1Rs_Rok5Q6WgBJGEPpxQHXyMwVi5D65T4SARlEeT8mhSnk0m_O7cPNadaf7hP2_kB3UscD8</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2761984313</pqid></control><display><type>article</type><title>Organizational and Technical Security Considerations for Laboratory Cloud Computing</title><source>Oxford Journals Online</source><creator>Krumm, Niklas</creator><creatorcontrib>Krumm, Niklas</creatorcontrib><description>Clinical and anatomical pathology services are increasingly utilizing cloud information technology (IT) solutions to meet growing requirements for storage, computation, and other IT services. Cloud IT solutions are often considered on the promise of low cost of entry, durability and reliability, scalability, and features that are typically out of reach for small- or mid-sized IT organizations. However, use of cloud-based IT infrastructure also brings additional security and privacy risks to organizations, as unfamiliarity, public networks, and complex feature sets contribute to an increased surface area for attacks.
In this best-practices guide, we aim to help both managers and IT professionals in healthcare environments understand the requirements and risks when using cloud-based IT infrastructure within the laboratory environment. We will describe how technical, operational, and organizational best practices that can help mitigate security, privacy, and other risks associated with the use of could infrastructure; furthermore, we identify how these best practices fit into healthcare regulatory frameworks.Among organizational best practices, we identify the need for specific hiring requirements, relationships with parent IT groups, mechanisms for reviewing and auditing security practices, and sound practices for onboarding and offboarding employees. Then, we highlight selected specific operational security, account security, and auditing/logging best practices. Finally, we describe how individual cloud technologies have specific resource-level security features.
We emphasize that laboratory directors, managers, and IT professionals must ensure that the fundamental organizational and process-based requirements are addressed first, to establish the groundwork for technical security solutions and successful implementation of cloud infrastructure.</description><identifier>ISSN: 2576-9456</identifier><identifier>ISSN: 2475-7241</identifier><identifier>EISSN: 2475-7241</identifier><identifier>DOI: 10.1093/jalm/jfac118</identifier><identifier>PMID: 36610429</identifier><language>eng</language><publisher>England</publisher><subject>Cloud Computing ; Delivery of Health Care ; Humans ; Privacy ; Reproducibility of Results</subject><ispartof>The journal of applied laboratory medicine, 2023-01, Vol.8 (1), p.180-193</ispartof><rights>American Association for Clinical Chemistry 2023. All rights reserved. For permissions, please e-mail: journals.permissions@oup.com.</rights><lds50>peer_reviewed</lds50><woscitedreferencessubscribed>false</woscitedreferencessubscribed><cites>FETCH-LOGICAL-c248t-eaf3f0e5a2602b387812083e966172782432f91b46b1779c0dfd25bf652f40bc3</cites></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>314,776,780,27901,27902</link.rule.ids><backlink>$$Uhttps://www.ncbi.nlm.nih.gov/pubmed/36610429$$D View this record in MEDLINE/PubMed$$Hfree_for_read</backlink></links><search><creatorcontrib>Krumm, Niklas</creatorcontrib><title>Organizational and Technical Security Considerations for Laboratory Cloud Computing</title><title>The journal of applied laboratory medicine</title><addtitle>J Appl Lab Med</addtitle><description>Clinical and anatomical pathology services are increasingly utilizing cloud information technology (IT) solutions to meet growing requirements for storage, computation, and other IT services. Cloud IT solutions are often considered on the promise of low cost of entry, durability and reliability, scalability, and features that are typically out of reach for small- or mid-sized IT organizations. However, use of cloud-based IT infrastructure also brings additional security and privacy risks to organizations, as unfamiliarity, public networks, and complex feature sets contribute to an increased surface area for attacks.
In this best-practices guide, we aim to help both managers and IT professionals in healthcare environments understand the requirements and risks when using cloud-based IT infrastructure within the laboratory environment. We will describe how technical, operational, and organizational best practices that can help mitigate security, privacy, and other risks associated with the use of could infrastructure; furthermore, we identify how these best practices fit into healthcare regulatory frameworks.Among organizational best practices, we identify the need for specific hiring requirements, relationships with parent IT groups, mechanisms for reviewing and auditing security practices, and sound practices for onboarding and offboarding employees. Then, we highlight selected specific operational security, account security, and auditing/logging best practices. Finally, we describe how individual cloud technologies have specific resource-level security features.
We emphasize that laboratory directors, managers, and IT professionals must ensure that the fundamental organizational and process-based requirements are addressed first, to establish the groundwork for technical security solutions and successful implementation of cloud infrastructure.</description><subject>Cloud Computing</subject><subject>Delivery of Health Care</subject><subject>Humans</subject><subject>Privacy</subject><subject>Reproducibility of Results</subject><issn>2576-9456</issn><issn>2475-7241</issn><issn>2475-7241</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2023</creationdate><recordtype>article</recordtype><recordid>eNo9kDtPwzAURi0EolXpxowyMhDqV2xnRBUvKVKHltlyHLu4SuJiJ0P59bi0MN376R59ujoA3CL4iGBJFjvVdoudVRohcQGmmPIi55iiy7QXnOUlLdgEzGPcQQiRwIwReA0mhDEEKS6nYL0KW9W7bzU436s2U32TbYz-7J1OaW30GNxwyJa-j64x4ReLmfUhq1TtU_YhXVs_Nonp9uPg-u0NuLKqjWZ-njPw8fK8Wb7l1er1fflU5RpTMeRGWWKhKRRmENdEcIEwFMSU6TmOucCUYFuimrIacV5q2NgGF7VlBbYU1prMwP2pdx_812jiIDsXtWlb1Rs_Rok5Q6WgBJGEPpxQHXyMwVi5D65T4SARlEeT8mhSnk0m_O7cPNadaf7hP2_kB3UscD8</recordid><startdate>20230104</startdate><enddate>20230104</enddate><creator>Krumm, Niklas</creator><scope>CGR</scope><scope>CUY</scope><scope>CVF</scope><scope>ECM</scope><scope>EIF</scope><scope>NPM</scope><scope>AAYXX</scope><scope>CITATION</scope><scope>7X8</scope></search><sort><creationdate>20230104</creationdate><title>Organizational and Technical Security Considerations for Laboratory Cloud Computing</title><author>Krumm, Niklas</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c248t-eaf3f0e5a2602b387812083e966172782432f91b46b1779c0dfd25bf652f40bc3</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2023</creationdate><topic>Cloud Computing</topic><topic>Delivery of Health Care</topic><topic>Humans</topic><topic>Privacy</topic><topic>Reproducibility of Results</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Krumm, Niklas</creatorcontrib><collection>Medline</collection><collection>MEDLINE</collection><collection>MEDLINE (Ovid)</collection><collection>MEDLINE</collection><collection>MEDLINE</collection><collection>PubMed</collection><collection>CrossRef</collection><collection>MEDLINE - Academic</collection><jtitle>The journal of applied laboratory medicine</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Krumm, Niklas</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Organizational and Technical Security Considerations for Laboratory Cloud Computing</atitle><jtitle>The journal of applied laboratory medicine</jtitle><addtitle>J Appl Lab Med</addtitle><date>2023-01-04</date><risdate>2023</risdate><volume>8</volume><issue>1</issue><spage>180</spage><epage>193</epage><pages>180-193</pages><issn>2576-9456</issn><issn>2475-7241</issn><eissn>2475-7241</eissn><abstract>Clinical and anatomical pathology services are increasingly utilizing cloud information technology (IT) solutions to meet growing requirements for storage, computation, and other IT services. Cloud IT solutions are often considered on the promise of low cost of entry, durability and reliability, scalability, and features that are typically out of reach for small- or mid-sized IT organizations. However, use of cloud-based IT infrastructure also brings additional security and privacy risks to organizations, as unfamiliarity, public networks, and complex feature sets contribute to an increased surface area for attacks.
In this best-practices guide, we aim to help both managers and IT professionals in healthcare environments understand the requirements and risks when using cloud-based IT infrastructure within the laboratory environment. We will describe how technical, operational, and organizational best practices that can help mitigate security, privacy, and other risks associated with the use of could infrastructure; furthermore, we identify how these best practices fit into healthcare regulatory frameworks.Among organizational best practices, we identify the need for specific hiring requirements, relationships with parent IT groups, mechanisms for reviewing and auditing security practices, and sound practices for onboarding and offboarding employees. Then, we highlight selected specific operational security, account security, and auditing/logging best practices. Finally, we describe how individual cloud technologies have specific resource-level security features.
We emphasize that laboratory directors, managers, and IT professionals must ensure that the fundamental organizational and process-based requirements are addressed first, to establish the groundwork for technical security solutions and successful implementation of cloud infrastructure.</abstract><cop>England</cop><pmid>36610429</pmid><doi>10.1093/jalm/jfac118</doi><tpages>14</tpages></addata></record> |
| fulltext | fulltext |
| identifier | ISSN: 2576-9456 |
| ispartof | The journal of applied laboratory medicine, 2023-01, Vol.8 (1), p.180-193 |
| issn | 2576-9456 2475-7241 2475-7241 |
| language | eng |
| recordid | cdi_proquest_miscellaneous_2761984313 |
| source | Oxford Journals Online |
| subjects | Cloud Computing Delivery of Health Care Humans Privacy Reproducibility of Results |
| title | Organizational and Technical Security Considerations for Laboratory Cloud Computing |
| url | http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-30T22%3A10%3A13IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Organizational%20and%20Technical%20Security%20Considerations%20for%20Laboratory%20Cloud%20Computing&rft.jtitle=The%20journal%20of%20applied%20laboratory%20medicine&rft.au=Krumm,%20Niklas&rft.date=2023-01-04&rft.volume=8&rft.issue=1&rft.spage=180&rft.epage=193&rft.pages=180-193&rft.issn=2576-9456&rft.eissn=2475-7241&rft_id=info:doi/10.1093/jalm/jfac118&rft_dat=%3Cproquest_cross%3E2761984313%3C/proquest_cross%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-c248t-eaf3f0e5a2602b387812083e966172782432f91b46b1779c0dfd25bf652f40bc3%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_pqid=2761984313&rft_id=info:pmid/36610429&rfr_iscdi=true |