How have disaster recovery strategies and privacy-preserving techniques in eHealth cloud

systems evolved since 2016, particularly in the face of growing threats like ransomware and
data breaches?
Do you believe current approaches (e.g AI, blockchain, air-gapped back-ups) provide
sufficient protection for healthcare data in the cloud? Why or Why not?
Use examples from both Sahi et al (2016) article and newer research articles (2022-2024) to
support your argument.

Many healthcare networks across the world have moved towards the use of e-health cloud
computing. E-health cloud systems are a cost-effective way to centralize and remotely store
health data that is easily accessible and shareable across different healthcare platforms (Sahi et
al., 2016). However, storing data on e-health cloud servers increases the risk of serious privacy,
security, and third-party storage concerns. Therefore, many approaches have been created and
continue to evolve since the Sahi et al., 2016 article to ensure the privacy and security of
healthcare information on the cloud. Most of these cloud security approaches also integrate data
recovery strategies in the event of disasters like cyberattacks, data breaches, and other security
incidents. Current e-health cloud protections include the use of cryptography and artificial
intelligence (AI).

Today, many advancements in cryptography techniques make it very difficult for data on the e-
health cloud to be stolen, changed, or compromised. Cloud encryptions use complicated
algorithms to protect stored and in-transit health data from unauthorized access and misuse
(Dawson et al., 2023). Cloud companies are constantly updating their encryption methods to
ensure the confidentiality and privacy of their e-health cloud data and to stay ahead of
unauthorized users like hackers (Sahi et al., 2016). Examples of encryption methods used in
healthcare include email encryptions, blockchain technologies, and access encryptions that
restrict user access to certain files or data (Amanat et al., 2022). Many hospital systems like New
York Presbyterian utilize access encryption methods like the “Break the Glass” feature on Epic
as an extra layer of security when accessing certain patient records.

Another evolving approach to the security and recoverability of e-health data in the cloud is
artificial intelligence (AI). AI is used by e-health cloud companies to detect unauthorized data
access, ransomware, and other cyber threats (Hassan & Chaudhary, 2024). AI algorithms are
utilized in cloud computing to manage security features like user authentication and least
privilege access (Hassan & Chaudhary, 2024). Today, AI is also being used to automate the e-
health cloud disaster recovery processes. AI allows for real-time, efficient interventions in
comparison to manual methods. E-health cloud programmers can use AI to quickly initiate data
back-ups, reboots, and restorations during outages and potential security incidents (Hassan &
Chaudhary, 2024; Syed, 2024).

There have been many innovations in e-health cloud security and disaster recovery strategies
since 2016. However, there are still many deficits in cloud security and recovery strategies.
Many e-health clouds still have data breaches and are ill-equipped for data outages. For example,
this year, the ransomware group, Black Cat infiltrated the data system of Change Healthcare, a
healthcare payment processor (US Department of Health and Human Services, 2024). Similarly,
numerous health systems were ill-prepared for the Microsoft and CrowdStrike system outage
during July of this year and experienced days of service disruptions (Correal & Cowan, 2024).
These examples highlight that new technologies are needed in the face of growing security
threats and data outages. These security and recovery deficits also show the need for greater
government involvement in establishing more e-health cloud protocols like the National Institute
of Standards and Technology (NIST) Cybersecurity Framework to ensure greater health
information system protection from cyberattacks and system outages (NIST, 2021).

References

Amanat, A., Rizwan, M., Maple, C., Zikria, Y. B., Almadhor, A. S., & Kim, S. W. (2022).
Blockchain and cloud computing-based secure electronic healthcare records storage and
sharing. Frontiers in public health, 10, 938707. https://doi.org/10.3389/fpubh.2022.938707

Correal, A. & Cowan, J. (2024, July 19). Hospitals cancel nonessential surgeries after global
technology outage. New York Times. https://www.nytimes.com/2024/07/19/business/hospitals-
cancel-nonessential-surgeries-global-technology-outage.html

Dawson, J. K., Frimpong, T., Hayfron Acquah, J. B., & Missah, Y. M. (2023). Ensuring privacy
and confidentiality of cloud data: A comparative analysis of diverse cryptographic solutions
based on run time trend. PloS one, 18(9), e0290831.
https://doi.org/10.1371/journal.pone.0290831

Hassan, S. & Chaudhary, M. (2024). The Role of AI in Enhancing Cloud Security: A

comprehensive analysis of its impact on the Indian IT Industry. International journal of
intelligent systems and applications in engineering, 12(22s), 1600 –. Retrieved from
https://www.ijisae.org/index.php/IJISAE/article/view/6709

National Institute of Standards and Technology. (2021, November 30). NIST Cybersecurity &
privacy program: The vitals.
https://www.nist.gov/system/files/documents/2021/11/09/Cybersecurity%20Vitals%20Fact
%20Sheet.pdf

Sahi, A., Lai, D., & Li, Y. (2016). Security and privacy preserving approaches in the eHealth
clouds with disaster recovery plan. Computers in biology and medicine, 78, 1–8.
https://doi.org/10.1016/j.compbiomed.2016.09.003

US Department of Health and Human Services. (2024, July 30). Change Healthcare
cybersecurity incident: Frequently asked questions. https://www.hhs.gov/hipaa/for-
professionals/special-topics/change-healthcare-cybersecurity-incident-frequently-asked-
questions/index.html
Hello Priscilla:

Thank you for your contribution to this week’s discussion. As pointed out in your post,
technology is now a part of all facets of healthcare, from medical devices to storage with e-health
cloud computing. Therefore, disaster recovery and cybersecurity strategies are even more critical
to preserve and protect health data. According to the US Department of Health and Human
Services (n.d.), it receives at least 5-10 reports of breaches from hacking and IT incidents
affecting 500 or more individuals from health-related entities like clinics, hospitals, and health
insurance plans weekly. This data highlights the need for greater protection strategies for
healthcare data, especially in the face of growing cyber threats like ransomware and other data
breaches. Healthcare organizations must constantly evolve and utilize new approaches, such as
advancements in cryptography, blockchain technology, and artificial intelligence (AI), to stay
ahead of hackers and other unauthorized users (Amanat et al., 2022). Healthcare organizations
must also invest in disaster recovery strategies like air-gapped and immutable back-ups to
prevent unauthorized data access and reduce the likelihood of prolonged data outages when a
data disaster does occur (Amanat et al., 2022; Sahi et al., 2016).

References

Amanat, A., Rizwan, M., Maple, C., Zikria, Y. B., Almadhor, A. S., & Kim, S. W. (2022).
Blockchain and cloud computing-based secure electronic healthcare records storage and
sharing. Frontiers in public health, 10, 938707. https://doi.org/10.3389/fpubh.2022.938707

Sahi, A., Lai, D., & Li, Y. (2016). Security and privacy preserving approaches in the eHealth
clouds with disaster recovery plan. Computers in biology and medicine, 78, 1–8.
https://doi.org/10.1016/j.compbiomed.2016.09.003

US Department of Health and Human Services. (n.d.). Breach Portal: Notice to the Secretary of
HHS breach of unsecured protected health information.
https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf