Dropbox? When is it OK to say 'yes'?

A healthcare CIO reverses course and lets doctors use the cloud service, but only with a layer of data encryption for security.

healthcare security
Credit: Thinkstock

When CIO Gerry Moore joined St. James Hospital Group last year, the staff and doctors -- who increasingly work with mobile devices -- wanted to use Dropbox, a popular, cloud-based storage tool often used for file sharing. Moore denied the requests because of security and compliance concerns.

Physicians and hospital departments wanted Dropbox so they could quickly share medical reports and results, but the hospital group "could not implement a solution that would put a patient's data at risk in any way, shape or form," Moore says.

Speed vs. security

St. James Hospital Group, which has hospitals in Malta, Hungary and Libya, is greatly concerned about ensuring data privacy and security, but it also needed a way to speed up collaboration and workflows.

[Related: Health insurance companies prime targets for hackers ]

So in July 2014 the organization began its search for technology to deliver certain patient information to general practitioners (GP) without putting the information at risk. The hospital group selected a product from Sookasa that adds data-protecting encryption to Dropbox. The organization has deployed the combo in its radiology departments, and plans to implement it in specialty areas such as the oncology, endoscopy, maternity, psychology and urgent care units.

"The plan is to roll out this functionality to every department that gets referrals or that interacts with patients who have a GP who would require documents for his own records," Moore says.

[Related: What the Anthem data breach says about healthcare IT ]

Prior to the implementation, "we would have sent out radiology reports via [mail] and the patient would have to wait until the GP had the record in hand and had reviewed it before discussing the result with them," Moore says. "Now the GP is receiving the records within hours of a diagnostic scan being carried out and can see the patient the next day or even the same day," Moore says. "This provides massive benefits to the patients, as they receive care much faster and have less time to stress themselves out."

The pros and cons of 'frictionless'

Another result: "We are gaining an even better reputation for being efficient," Moore says.

There's growing demand for products like Sookasa that protect confidential information, says David Monahan, a security analyst at Enterprise Management Associates. "Services like Dropbox, Box, Google Drive and others are still growing in popularity," Monahan says. "The ability to share data across the cloud in a frictionless manner is highly desired. However, the more frictionless the less secure. People often do not think about the ramifications of sharing data, especially when it comes to what happens to it once they let it go."

This story, "Dropbox? When is it OK to say 'yes'?" was originally published by CIO.

ITWorld DealPost: The best in tech deals and discounts.