Lyniate Team

Security and the Cloud? A Decade Old Question and Answer

December 10, 2018

I first encountered the question of cloud security almost a decade ago when I was asked, “Sure healthcare technology in the cloud sounds great…but is it secure?” Back then, when the technology was still relatively immature, it was a much more concerning issue and it was a question being raised across the industry.

Today, as more and more organizations move their day-to-day infrastructure to the cloud, people are becoming more comfortable with the technology and the question has morphed into: “How secure is it, and what is in place to ease my concerns around security?”

In short, the answer, especially for Rhapsody as a Service (RaaS), is: it is very secure, GDPR and HIPAA compliant, and HITRUST certifiable.*

Any security concerns are well founded, especially when considering the repercussions of a data breach in any industry let alone one in healthcare. Protecting patient data is the top priority, after making sure that the right data gets to the right place, at the right time—of course.

And when you actually consider everything that needs to go into securing your integration platform, especially if it is going to be deployed in the cloud, it can get a little overwhelming. That’s where a solution like RaaS comes in to play. Rhapsody has already taken the time to make sure it is secure and allows the end user to offload time and effort, and some of the risk of not getting it right.

Some of the more critical aspects that go into securing your integration platform—irrespective of whether it is deployed in the cloud or not—are:

  • Physical security – where you need to control access to the data center, ensuring only well vetted and authorized personnel can get to your servers.
  • Encryption – where, especially when seeking a certification like HITRUST, you need to ensure that the data is encrypted not only at rest but also in transit.
  • Access control – where you need to make sure that only very specific individuals have access to very specific data or environments.
  • Auditing – where you need to make sure that absolutely everything is audited and auditable.

Between your cloud provider and your application provider, all of the above can be off-loaded. For example, with Rhapsody and Amazon Web Services (AWS), AWS ensures physical security and Rhapsody handles the rest. The RaaS architecture and automation tools were designed and built with these considerations from the very start.

With features that ensure no Rhapsody employee, or really anyone, can gain a direct login to the host running Rhapsody, end-to-end (including in transit inside the environment) encryption, and holistic auditing and logging (every click, every change, every record, etc.), many of the security questions that have been asked over the last decade now have an answer.

*Rhapsody is in the process of completing a HITRUST certification, which will provide further benefits for our customers.


Want to learn what it takes to migrate to the cloud? Check out these resources:

Whitepaper: Migrating to the Cloud for the Healthcare Industry

Blog: 3 Steps to Plan Your Journey to the Cloud

Blog: The Price Is Right: How Moving to the Cloud Can Save You Money

Blog: Why Are Tech Giants Moving to the Cloud?

Learn about Lyniate’s two cloud offerings:

Corepoint One

Rhapsody as a Service (RaaS)

Related Blogs

3 steps to plan your journey to the cloud

Rick Wattras

Three Steps to Plan Your Journey to the Cloud

As organizations move to the cloud, it’s important that they take time to evaluate their technology operations in light of the capabilities offered by the cloud. From my perspective there are three key areas to consider when migrating to the cloud:

Read more
Video Thumbnail

Lyniate Team

Spinning your wheels with data integrations? Lyniate Envoy can get you moving

Your product or service may speed up revenue cycles, help doctors and patients connect virtually, or hold the cure for the plague of the 21st century, but if it can’t easily share data with other systems, you won’t get very far.

Read more

Lyniate Team

Interfacing with Cerner EHR

Cerner hospitals choose Corepoint by Lyniate as their integration engine to optimize their Cerner EHR migration or installation.

Read more