WHITE PAPER: Microsoft Office 365 Security for Healthcare Organizations: Maximize Data Security
Healthcare organizations ranging from providers, payers, and business associates have recently looked to take advantage of cloud-hosted platforms like Microsoft’s Office 365 solution to drive efficiency and boost productivity amidst growing resource and budget constraints. Beyond the clear operational benefits, cloud-hosted technologies allow healthcare organizations to take advantage of state-of-the-art security functionality that can be deployed and managed more effectively from the cloud.
This January 2018 paper provides an update to our initial Microsoft Office 365 Security for Healthcare Organizations paper originally released in 2017. The latest leading practices for securely deploying Office 365 security features in healthcare settings are detailed in this document. Security considerations outlined in this paper include guidance and recommendations for addressing Office 365 capabilities regarding:
- Encryption options
- OneDrive privacy and security
- Regulatory compliance support
- Information security strategy and policies approach
- Mobile Device Management (MDM) options
- Data Loss Prevention (DLP) capabilities, rules, and policies
- Audit logging and monitoring configurations
- Access controls and permissions
- Licensing considerations for security features
For organizations that have already embarked on the move to Office365, the security recommendations and configurations in this document should be consulted to take advantage of Office 365 security capabilities and maximize security protections through available features and functionality.
Meditology has extensive experience advising healthcare organizations on how to secure cloud-based platforms, including Office 365. Contact our healthcare security professionals to learn more about how we may be able to assist with securing patient information and supporting systems.