Health information is now available online in a few taps, which is convenient for patients and practitioners alike. Multiple healthcare information systems hold that information, and they store huge amounts of data that can be difficult to manage. How that data is stored and managed is central to healthcare data security; done poorly, it eventually leads to misuse of the information.
With the ever-increasing number of digital health initiatives and the interoperability between them, healthcare data security matters more than ever. In the 12 months from the start of August 2020 to the end of July 2021 there were 706 reported healthcare data breaches of 500 or more records, and the healthcare data of 44,369,781 individuals was exposed or compromised.
Here are some statistics showing the rise in healthcare data breaches (the chart that accompanied this paragraph is not reproduced here).
Healthcare data breaches are expected to keep rising, and every enterprise or organization that handles such data should take steps toward healthcare data security. There is no rocket science behind securing healthcare data, but following a set of concrete steps improves data security and produces a secure healthcare solution.
In this article, we share a checklist to tackle data security issues in healthcare and create secure healthcare software.
🔹 Strictly Use Multi-Factor Authentication for All User Logins: Multi-factor authentication requires a user to present two or more independent pieces of evidence (something they know, have, or are) to prove their identity before gaining access to an app or digital resource. Enforce it for console and administrative logins as well as for end users; a stolen password alone should never be enough.
🔹 Use a Separate AWS Account for Each Environment: Keep development, staging, and production in their own accounts (sub-accounts under an AWS Organization) rather than sharing one. An account is the strongest isolation boundary AWS offers: a compromised developer credential in the development account cannot reach production data, and each account can carry its own permissions. For example, an early-stage user can be given a role in the development account that has only read access to a subset of the data.
🔹 Least Privilege Access for Each User. Create the Right IAM Policies: IAM policies define which AWS actions an identity may perform on which resources. Write identity-based policies that grant only the specific actions a user or service role needs (for example s3:GetObject on one bucket), scope the Resource element to exact ARNs rather than "*", and use resource-based policies (bucket and key policies) to enforce the same restriction from the resource side. Review managed policy versions and attached permissions periodically so that privileges do not accumulate over time.
🔹 Separate Database Instances for Each Environment in a Private Subnet: Give each environment its own database instance in a private subnet with no route to the internet, with a security group that accepts connections only from that environment's application tier. This keeps environments from interfering with each other and keeps the database off the public network.
🔹 Enable CloudTrail for Logging Account Activity: CloudTrail records the API calls made in your account and delivers the log files to an S3 bucket. Enable it in all regions, turn on log file validation, and write the logs to a bucket that the monitored account cannot modify, so you can monitor, audit, and review every call made to AWS resources, including the ones an attacker makes with a stolen credential.
🔹 Use Key Management Service to Store and Manage Keys: KMS holds the encryption keys your stack uses for data at rest, so key material never sits in application code or configuration. It lets you create keys, attach a key policy that limits who may use them, enable automatic rotation without re-encrypting existing data or disrupting services, and schedule deletion of keys that are no longer needed. Every use of a key is recorded in CloudTrail, which gives you an audit trail of who decrypted what.
🔹 Use Encryption for Databases and S3 Buckets for Compliance: The first step is to encrypt the data that resides in S3 buckets and database storage, and AWS makes this straightforward. Set default encryption (SSE-KMS with your own key) on every bucket that holds PHI, enable storage encryption when the RDS instance is created (it cannot be switched on afterwards without a snapshot-and-restore), and add a bucket policy that rejects unencrypted uploads.
🔹 End-to-End Data Encryption in Transit Using TLS Certificates: Terminate connections with TLS (what certificates commonly sold as "SSL certificates" actually provide) on every hop, not just at the public edge: browser to load balancer, load balancer to application, and application to database. Require TLS 1.2 or later, redirect HTTP to HTTPS, and deny plaintext access to S3 at the bucket policy level so that patient data never crosses the network unencrypted.
🔹 Use the Provided Native Encryption Capabilities (KMS Keys) for Data at Rest: Services such as S3, RDS, and EBS integrate with KMS directly, so you encrypt at rest by selecting a KMS key rather than writing encryption code. Where the application must encrypt fields itself (for example, a specific identifier column), use the KMS API to generate data keys and encrypt with those, keeping the master key inside KMS.
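The least-privilege, S3 encryption and TLS items above become concrete as policy documents. The block below is an added example, not Mindbowser's code or configuration: a small linter that flags over-broad IAM Allow statements, a scoped application-role policy that passes it, and a generator for an S3 bucket policy that denies non-TLS access and uploads not encrypted with a given KMS key. The bucket name, account ID, and key ARN are placeholders.

```python
"""Least-privilege and encryption policies for the AWS items above.

Added example, not Mindbowser's code. The bucket name, account ID and KMS
key ARN are placeholders chosen for illustration.
"""
import json


def _as_list(value):
    """IAM accepts a string or a list for Action/Resource; normalise to a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def least_privilege_findings(policy):
    """Return findings for Allow statements that grant more than they should."""
    findings = []
    for i, stmt in enumerate(_as_list(policy.get("Statement"))):
        if stmt.get("Effect") != "Allow":
            continue
        sid = stmt.get("Sid", f"Statement[{i}]")
        actions = _as_list(stmt.get("Action"))
        resources = _as_list(stmt.get("Resource"))
        if "*" in actions:
            findings.append(f"{sid}: Action '*' grants every API call")
        # Service-wide wildcards such as "s3:*" are still too broad for a
        # workload role that only needs to read one bucket.
        findings.extend(f"{sid}: service-wide action {a}"
                        for a in actions if a != "*" and a.endswith(":*"))
        if "*" in resources and not stmt.get("Condition"):
            findings.append(f"{sid}: Resource '*' with no Condition")
        if "NotAction" in stmt or "NotResource" in stmt:
            findings.append(f"{sid}: NotAction/NotResource in an Allow is hard to reason about")
    return findings


# Scoped policy for the application's role: two actions on one bucket and
# two KMS operations on the one key that encrypts it.
APP_ROLE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "ReadWritePhiBucket", "Effect": "Allow",
         "Action": ["s3:GetObject", "s3:PutObject"],
         "Resource": "arn:aws:s3:::phi-records/*"},
        {"Sid": "UsePhiKey", "Effect": "Allow",
         "Action": ["kms:Decrypt", "kms:GenerateDataKey"],
         "Resource": "arn:aws:kms:us-east-1:123456789012:key/11111111-2222-3333-4444-555555555555"},
    ],
}

# The shape that turns one leaked developer credential into a full breach.
OVERBROAD_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{"Sid": "AdminEverything", "Effect": "Allow",
                   "Action": "*", "Resource": "*"}],
}


def healthcare_bucket_policy(bucket, kms_key_arn):
    """Bucket policy: refuse plaintext (non-TLS) requests and uploads that are
    not encrypted with the given KMS key. An explicit Deny beats any Allow."""
    bucket_arn = f"arn:aws:s3:::{bucket}"
    return {
        "Version": "2012-10-17",
        "Statement": [
            {"Sid": "DenyInsecureTransport", "Effect": "Deny", "Principal": "*",
             "Action": "s3:*", "Resource": [bucket_arn, f"{bucket_arn}/*"],
             "Condition": {"Bool": {"aws:SecureTransport": "false"}}},
            {"Sid": "DenyUnencryptedUploads", "Effect": "Deny", "Principal": "*",
             "Action": "s3:PutObject", "Resource": f"{bucket_arn}/*",
             "Condition": {"Null": {"s3:x-amz-server-side-encryption": "true"}}},
            {"Sid": "DenyWrongKey", "Effect": "Deny", "Principal": "*",
             "Action": "s3:PutObject", "Resource": f"{bucket_arn}/*",
             "Condition": {"StringNotEquals": {
                 "s3:x-amz-server-side-encryption": "aws:kms",
                 "s3:x-amz-server-side-encryption-aws-kms-key-id": kms_key_arn}}},
        ],
    }


if __name__ == "__main__":
    print("app role:", least_privilege_findings(APP_ROLE_POLICY) or "no findings")
    print("overbroad:", least_privilege_findings(OVERBROAD_POLICY))
    print(json.dumps(healthcare_bucket_policy(
        "phi-records",
        "arn:aws:kms:us-east-1:123456789012:key/11111111-2222-3333-4444-555555555555"), indent=2))
```

The bucket policy forces clients to send the SSE-KMS headers on every upload. If you rely on the bucket's default encryption setting instead, drop the two PutObject statements, because S3 evaluates the condition on the request headers, not on what default encryption would have applied. Apply the policies with whatever tooling you already use (CLI, CloudFormation, Terraform); the linter can run in CI against policy files before they are deployed.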
🔹 Role-Based Access Control to Storage: Define roles (for example clinician, billing, auditor, service account) in advance and attach storage permissions to the roles rather than to individuals. The authorization logic is then a fixed set of rules over those roles, which is far easier to review than a list of per-user grants.
🔹 Enable Logging and Auditing to Monitor Storage Activity: Turn on access logging for cloud and on-premises storage (S3 server access logs or CloudTrail data events for object-level reads and writes) so that every read of patient records is attributable to an identity. The same logs serve security, compliance, and troubleshooting.
🔹 Periodic Storage Backups: Schedule automated backups of databases and file storage, keep copies in a second region or account that the production credentials cannot delete, and retain a local copy for use during a network failure or internet outage. A backup is only as good as its restore: test restores regularly, and treat the backup set as PHI with the same encryption and access controls as the primary data.
🔹 Automated Hardening / Secure Configuration, Self-Healing: Manage the operating system through an automated configuration system that applies a hardening baseline (such as a CIS benchmark), keeps hosts up to date and patched, and reverts any drift from the approved configuration, so a host that was weakened by hand heals itself back to the baseline.
🔹 Patch Management of Applications and Libraries of the Operating System: Patch management is the process of tracking, testing, and applying updates to the operating system and to the libraries and applications on it. Patches fix security flaws as well as functional problems and performance issues, so a host that is behind on patches is running flaws that are publicly known and often publicly exploitable.
🔹 Creating Secure Accounts: Create accounts with only the privileges required for the job (for example, user management) to access the resources and perform the respective duties, and disable or delete them when the duty ends.
🔹 Resource Monitoring: Resource monitoring measures and stores data about CPU, memory, disk, and network usage. Beyond performance optimization, an unexplained spike (for example, outbound traffic from a database host) is often the first sign of an intrusion.
🔹 System and Application Logs Monitoring: Log monitoring lets you collect, search, visualize, and alert on log data. With structured (JSON-formatted) logs and a powerful search function it becomes simple to watch application logs for signs of attack, such as SQL injection attempts in request parameters, repeated failed logins, or unusual access to patient records.
🔹 Automated Security Information and Event Management: A SIEM platform aggregates the logs above in one place, correlates events across sources, and raises alerts on detected vulnerabilities or suspicious activity; pair it with access to security experts who can triage what it finds and help secure the application.
🔹 Role-Based Access Control in Monitoring Tools: Configure the monitoring system so that a user's role determines which dashboards, logs, and operations they can reach. Monitoring tools hold copies of sensitive log data, so role-based access control there is as important as in the application itself.
🔹 Authorized Login: Users log in through an authenticated, role-based flow that grants only project-specific access.
🔹 Developers Have Limited Access: Developers do not have access to real patient data, only to logs (with sensitive fields masked) that let them understand the system's behaviour.
🔹 Only an Admin Can Create a User: New users are added only by an administrator, and access is defined for each user at creation time.
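Enabling CloudTrail and log monitoring only pays off when something actually reads the logs. As an added example (not Mindbowser's tooling), the block below applies three detection rules to CloudTrail records: a successful console login without MFA, any use of the root user, and API calls that tamper with the trail, the KMS keys, or the S3 guard rails. The sample records are constructed for the example and follow CloudTrail's field names; the identities, account ID, and addresses are placeholders.

```python
"""Detection rules over CloudTrail records for the monitoring items above.

Added example, not Mindbowser's code. SAMPLE_TRAIL_FILE is constructed for
this example (only the field names follow CloudTrail's format); account IDs,
names and addresses are placeholders.
"""
import json

# API calls that weaken the audit trail, the encryption keys, or the
# public-access guard rails of storage. Any of these from an unexpected
# identity deserves an immediate page, not a line in a daily report.
TAMPERING = {
    "cloudtrail.amazonaws.com": {"StopLogging", "DeleteTrail", "UpdateTrail",
                                 "PutEventSelectors"},
    "kms.amazonaws.com": {"DisableKey", "ScheduleKeyDeletion",
                          "DisableKeyRotation", "PutKeyPolicy"},
    "s3.amazonaws.com": {"PutBucketAcl", "DeleteBucketPolicy",
                         "DeleteBucketEncryption", "DeleteBucketPublicAccessBlock"},
}


def load_records(trail_file_text):
    """CloudTrail delivers JSON files with a top-level "Records" array."""
    return json.loads(trail_file_text)["Records"]


def actor(record):
    """Best available name for who made the call."""
    ident = record.get("userIdentity", {})
    return ident.get("userName") or ident.get("arn") or ident.get("type", "unknown")


def detect(records):
    """Return (eventTime, severity, message) tuples for records that match a rule."""
    alerts = []
    for r in records:
        source, name = r.get("eventSource"), r.get("eventName")
        who = actor(r)
        if r.get("userIdentity", {}).get("type") == "Root":
            # The root user should be locked away; any use at all is an incident.
            alerts.append((r["eventTime"], "CRITICAL", f"root account used for {name}"))
        if name == "ConsoleLogin":
            success = r.get("responseElements", {}).get("ConsoleLogin") == "Success"
            mfa_used = r.get("additionalEventData", {}).get("MFAUsed") == "Yes"
            if success and not mfa_used:
                alerts.append((r["eventTime"], "HIGH",
                               f"console login without MFA by {who} from {r.get('sourceIPAddress')}"))
        elif name in TAMPERING.get(source, ()):
            alerts.append((r["eventTime"], "CRITICAL", f"{name} on {source} by {who}"))
    return alerts


# Constructed sample trail file, trimmed to the fields the rules read.
SAMPLE_TRAIL_FILE = json.dumps({"Records": [
    {"eventTime": "2021-07-30T09:12:01Z", "eventSource": "signin.amazonaws.com",
     "eventName": "ConsoleLogin", "sourceIPAddress": "203.0.113.7",
     "userIdentity": {"type": "IAMUser", "userName": "alice"},
     "additionalEventData": {"MFAUsed": "No"},
     "responseElements": {"ConsoleLogin": "Success"}},
    {"eventTime": "2021-07-30T09:15:44Z", "eventSource": "cloudtrail.amazonaws.com",
     "eventName": "StopLogging", "sourceIPAddress": "203.0.113.7",
     "userIdentity": {"type": "IAMUser", "userName": "alice"},
     "requestParameters": {"name": "org-trail"}},
    {"eventTime": "2021-07-30T09:20:10Z", "eventSource": "kms.amazonaws.com",
     "eventName": "ScheduleKeyDeletion", "sourceIPAddress": "203.0.113.7",
     "userIdentity": {"type": "AssumedRole",
                      "arn": "arn:aws:sts::123456789012:assumed-role/Deploy/ci"},
     "requestParameters": {"keyId": "arn:aws:kms:us-east-1:123456789012:key/11111111-2222-3333-4444-555555555555",
                           "pendingWindowInDays": 7}},
    # Ordinary application read: must not alert.
    {"eventTime": "2021-07-30T10:00:00Z", "eventSource": "s3.amazonaws.com",
     "eventName": "GetObject", "sourceIPAddress": "10.0.2.15",
     "userIdentity": {"type": "AssumedRole",
                      "arn": "arn:aws:sts::123456789012:assumed-role/AppRole/i-0abc"},
     "requestParameters": {"bucketName": "phi-records", "key": "patients/1042.json"}},
]})


if __name__ == "__main__":
    for when, severity, message in detect(load_records(SAMPLE_TRAIL_FILE)):
        print(f"{when} [{severity}] {message}")
```

In production the records come from the CloudTrail bucket (or an EventBridge rule for near-real-time delivery) rather than an inline string, and the alert list feeds the SIEM or the pager. The rules are deliberately narrow; extend TAMPERING with the calls that matter for your stack.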
🔹 Prevent Home Directory Access: No build runs on the Jenkins controller (master) node. Builds execute on agents only, which prevents build steps from reading the Jenkins home directory, where job configuration, credentials, and other server files live.
🔹 Use Docker Containers as Linux Agents (Nodes): Running each build in a fresh Docker container gives it an isolated, disposable filesystem and a pinned toolchain: a build cannot read another job's workspace or the host, and the agent image is easy to keep up to date. For example, a job names the image it needs, runs its commands inside that container, and the container is discarded when the build finishes.
🔹 Use Credentials to Store and Mask Sensitive Data Such as Tokens or API Keys: The Jenkins credentials store keeps tokens and API keys encrypted on the controller and injects them into builds at runtime, masking their values in console output so they do not leak into build logs. Note the limit: anything that can run code on the controller can still read them, which is one more reason to keep builds off the controller node.
🔹 Managed Jenkins Pipeline: Each environment has its own IAM users (with only the required access) for reaching AWS resources during pipeline execution, so a pipeline for the development environment cannot touch production.
🔹 Additional Security Measures Implemented in Jenkins: Only whitelisted IP addresses can connect to the Jenkins server over SSH.
🔹 Clean the Workspace Directory (Source Code) as Soon as the Build Finishes: A simple bash script runs every time an Ant build finishes, finds all directories whose names start with "workspace", and deletes them, so source code and anything written during the build do not linger on the agent.
🔹 Update Jenkins and Plugins Regularly: Jenkins is an open-source automation server used to build, test, and deploy software continuously, and its plugins run with the same privileges as the server itself. Apply Jenkins core and plugin updates promptly; security advisories for plugins are frequent.
🔹 Security Configurations for GitHub: GitHub is a web-based Git repository hosting service that provides Git's distributed version control and source code management (SCM) functionality and adds features of its own. The following settings apply to it (and, with minor differences, to Bitbucket):
🔹 Only the Account Owner Can Create and Delete Repositories: Every new repository has an owner. The owner is responsible for adding members to the repository, modifying their permissions, and setting up or removing permissions for other actions (for example, pushing to the repository).
🔹 Only the Project Manager Has Admin Permission for Repositories: A repository is the main unit of information in a GitHub account and holds all project-related code and history. Admin permission allows changing protection rules and collaborators and deleting the repository, so it is limited to the project manager.
🔹 Only the Project Manager/Lead Has Write Access to the Main Branches: Merging new code into a main branch happens only after the project manager's review and approval, which keeps the product clean, understandable, and simple.
🔹 The Master Branch Holds Only Production Code: The master (or main) branch is the branch of the Git repository from which deployments are made, which is why it is often called the production branch. Feature work lives on other branches until it has been reviewed.
🔹 Delete Protection for Main Branches: A branch protection rule on the main branches prevents anyone other than an administrator from deleting them, and an administrator has to disable the rule explicitly first; protect them from force-pushes in the same rule. This is especially useful in organizations that want control over the release management process.
🔹 No Secrets or Environment Files Are Pushed to the Repository: We never store secrets or environment files in the repository. All credentials and other sensitive information are kept in secure configuration vaults and injected at deploy time.
🔹 Only Developers Working on the Project Have Access to the Repository: Repositories belong to the organization, not to the individual who created the project, and access is granted through the organization's teams. Someone who is not on the project team, even the person who originally set the project up, has no access unless the organization grants it.
🔹 Require Two-Step Authentication for Every Bitbucket/GitHub User Account: Two-factor authentication prevents unauthorized access to an account when its password has been compromised; enforce it at the organization level so that no member can opt out.
🔹 Use SSH Keys to Access Remote Git Repositories: Authenticate to remote repositories with an SSH key pair instead of a password. Protect the private key with a passphrase, use one key per device, and revoke the key in GitHub when the device is retired.
🔹 Static Analysis Tools Detect Code Smells, Bugs, and Vulnerabilities: Use CodeGrip or a similar tool to scan repository code, generate reports, and notify over Slack.
🔹 Update Git Periodically to Stay Safe from Vulnerabilities: Keep the Git client itself up to date on developer machines and build agents, since security flaws in older Git versions are fixed only in later releases.
To keep the source code free of flaws, the following guidelines help:
🔹 Follow the OWASP Secure Coding Practices (an automated scanning tool like Codegrip can check for many of them).
🔹 Treat each activity as an event and log every event that happens.
🔹 Strictly Avoid Credentials in Source Code; Supply the AWS Access Key and Secret Key at Runtime: Credentials belong in environment variables, an instance or task role, or a secrets vault, never in the repository. Some tools automate extracting credentials and other sensitive information from source code and built applications; a good example is a tool called AWS-CLI Enumerator. Keeping credentials out of the code removes that attack surface proactively.
🔹 Use Secure and Updated IDEs and Plugins: An IDE, or integrated development environment, is a software application that provides comprehensive facilities to programmers for software development, normally a source code editor, build automation tools, and a debugger. Using up-to-date versions of the IDE and its plugins ensures that any known flaw has already been fixed by the IDE team.
🔹 Use Static Application Security Testing (SAST) Tools Like CodeGrip: An automated code review tool produces detailed code quality and security reports, so bugs, errors, and coding-standard violations are fixed before the code reaches production.
🔹 Code Review for Each Pull Request: So that any code added to the main branch has already been read and tested by a second person.
🔹 Dependency Check: Scan third-party dependencies to identify components with known vulnerabilities, and keep them updated.
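The "no secrets in the repository" item in the GitHub section and the "no credentials in source code" item above both come down to catching a secret before it is committed. As an added example (not Mindbowser's code, and not the AWS-CLI Enumerator tool the text mentions), the block below scans a set of files for AWS access key IDs and secret keys, private-key blocks, quoted literals assigned to password- or token-like names, and files such as .env that must never be committed. The sample repository is constructed for the example and uses AWS's documentation placeholder key pair, which is not a real credential.

```python
"""Secret scanner for source trees, for the "no secrets in the repository"
and "no credentials in source code" items above.

Added example, not Mindbowser's code. SAMPLE_FILES is constructed for this
example; the AWS key pair in it is the documentation placeholder format and
not a real credential. Wiring scan_tree() into a pre-commit hook or a CI job
is an assumed setup, not something the page describes.
"""
import re
from pathlib import PurePosixPath

# Files that must never be committed, whatever they contain.
FORBIDDEN_NAMES = {".env", ".env.local", "credentials"}
FORBIDDEN_SUFFIXES = {".pem", ".p12", ".pfx", ".key"}

# (rule name, pattern). Each pattern is applied per line.
PATTERNS = [
    # Long-term (AKIA) and temporary (ASIA) AWS access key IDs are 20 chars.
    ("aws-access-key-id", re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b")),
    # A 40-char base64 value assigned to a secret-key-like name.
    ("aws-secret-access-key",
     re.compile(r"(?i)aws_?secret(?:_access)?_?key\s*[=:]\s*['\"]?([A-Za-z0-9/+=]{40})")),
    ("private-key-block",
     re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----")),
    # A quoted literal of 8+ chars assigned to a password/token/api-key name.
    # Reading the value from the environment (no quoted literal) does not
    # match, which is exactly the pattern developers should use instead.
    ("generic-secret-assignment",
     re.compile(r"(?i)\b(?:password|passwd|api[_-]?key|access[_-]?token|token|"
                r"secret(?:[_-]?key)?)\b\s*[=:]\s*['\"][^'\"]{8,}['\"]")),
]


def scan_file(path, text):
    """Return (path, line_number, rule) findings; line 0 means the whole file."""
    findings = []
    p = PurePosixPath(path)
    if p.name in FORBIDDEN_NAMES or p.suffix in FORBIDDEN_SUFFIXES:
        findings.append((path, 0, "forbidden-file"))
    for lineno, line in enumerate(text.splitlines(), start=1):
        for rule, pattern in PATTERNS:
            if pattern.search(line):
                findings.append((path, lineno, rule))
    return findings


def scan_tree(files):
    """files maps repository-relative path -> text contents."""
    findings = []
    for path, text in files.items():
        findings.extend(scan_file(path, text))
    return findings


# Constructed sample repository.
SAMPLE_FILES = {
    # Correct: the secret is injected at runtime; only the variable name is in git.
    "app/config.py": 'DB_PASSWORD = os.environ["DB_PASSWORD"]\nAWS_REGION = "us-east-1"\n',
    # Wrong: a long-term key pair hard-coded in a helper script.
    "scripts/upload.sh": "export AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE\n"
                         "export AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY\n",
    # Wrong: an environment file committed by mistake.
    ".env": "SMTP_PASSWORD=hunter2hunter2\n",
    # Wrong: a deploy key checked into the tree.
    "deploy/id_rsa": "-----BEGIN OPENSSH PRIVATE KEY-----\nb3BlbnNzaC1rZXktdjEAAAAABG5vbmUA\n",
}


if __name__ == "__main__":
    for path, lineno, rule in scan_tree(SAMPLE_FILES):
        print(f"{path}:{lineno}: {rule}")
```

Run it from a pre-commit hook over the staged files (git diff --cached --name-only) and fail the commit on any finding; run the same scan in CI so that a developer who skips the hook is still caught. Note what the scanner does not flag: DB_PASSWORD = os.environ["DB_PASSWORD"] reads the secret from the environment at runtime, which is the pattern to use.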
Following the above steps not only helps prevent data breaches but strengthens healthcare data security overall. We hope you found this checklist on how to secure healthcare solutions useful; it can be a go-to reference for building secure healthcare software. These practices have been a great help to us in developing better healthcare solutions and services for our customers, and we hope they do the same for you.
Ensuring data security in healthcare requires a layered approach. This includes restricting access with user permissions, encrypting data at rest and in transit, implementing strong network security, and educating staff on cyber threats. Regular risk assessments and monitoring system activity are also crucial for identifying and addressing vulnerabilities before a breach occurs.
The HIPAA Security Rule safeguards patients’ electronic health information (ePHI). It mandates healthcare providers (covered entities) to implement administrative, physical, and technical safeguards to ensure the confidentiality, integrity, and availability of ePHI. This includes protecting against reasonably anticipated threats and unauthorized access, while also guaranteeing that ePHI is accessible when needed.
Healthcare data is a prime target for attackers due to its sensitive nature. Vulnerabilities exist in both technology and procedure. Outdated medical devices, unpatched software, phishing attacks on staff, and weak access controls can all create openings for cybercriminals to steal patient data, disrupt critical systems, or hold information hostage for ransom.