When working with cloud service providers, healthcare organizations must take responsibility for security practices rather than relying on the vendor, says Sonia Arista, a security consultant who formerly was CISO at Tufts Medical Center.”People tend to put a lot of emphasis on the cloud provider establishing the security baselines, when in reality, anyone who’s ever done a migration to the cloud understands that a lot of the security configurations are the responsibility of the … organization procuring the service, and that the cloud provider isn’t willing to take that amount of risk on themselves,” she says in an interview with Information Security Media Group at the HIMSS18 conference. Arista is a featured speaker at the event, where she’s addressing how to build a data security program.

Source: Click here

Share this article

Facebook Comments