Nearly every provider, hospital, healthcare center and clearing house is using information technology, even if it is just related to revenue cycle management. More and more entities are now dealing with EHR software and this means an increase in the number of Protected Health Information (PHI) centers.

Meaningful Use regulations are also getting stricter every day, and soon practices which are not using information technology will not be eligible for Medicare benefits.

Medical healthcare providers are rapidly shifting to cloud computer or the Software as a Service (SaaS) model of healthcare delivery. The biggest advantage they have by using such software is, that they are able to access it in real time from any location with the help of just an internet connection and a web browser.

However, this transformation from an on-site system to cloud computing offers its unique challenges – one of them being concern about the security of patient data. Although HIPAA has strengthened the laws related to patient data security through the Omnibus Rule earlier this year, there is still room for improvement by putting stricter measures in place.

While cloud computing offers many benefits, it also has many associated risks. In case of a natural disaster, a power outage or an internet break down, this model does not offer any other option to help practices and physicians carry on with their workflows. Usually, it can take multiple hours before there is any backup solution, and all of this can lead to loss of precious time which could be used to focus on patient health.

As the number of entities in the SaaS model increases, the number of data storage centers will surely increase as well. More Protected Health Information (PHI) records will mean more attempts to hack the data and will result in more data breaches. Even as of 2013, there have been a number of data breaches related to patient information, yet so far, it has not been made a100 percent safe. Risk of unauthorized access during storage, transmission or analysis will also increase with the rise of PHIs. Hackers are likely to target this information as IT companies do their best to protect it.

Should patients be concerned about their data and privacy? In the current scenario, yes. But there needs to be more work done on laws related to safeguarding patient health information and protecting healthcare centers from data breaches. More and better security measures need to be implemented across every practice so that there is no data loss from any inside source. Laws related to cloud computing also need revision, so that anyone responsible for a security breach can be held accountable.

Healthcare providers also need to be aware of their liabilities in case of any data loss or breach, and should be able to put methods in place which deal with safeguarding patient health information. The HIPAA Omnibus Rule assigns more responsibility and accountability to the vendors in case of loss of patient health information, and allows regulatory bodies to impose stricter fines and penalties on the responsible authority.