– Wes Rhea, Chief Compliance Officer – Privacy & Security Officer, BioIQ –
Earlier this month, I had the opportunity to join leaders from Children’s Healthcare of Atlanta, First Data, Travelport and Verizon as the keynote speaker at a Technology Association of Georgia (TAG) event focused on a hot industry topic: security and compliance in the cloud. While the cloud offers potentially enormous cost savings, a lack of proper safeguards can make this security hurdle one of the largest for any organization.
The event, held at First Data’s headquarters in Atlanta, featured a panel discussion on topics including PCI, HIPAA, security and the regulatory compliance issues organizations face when looking to leverage the cloud.
The benefits of cloud computing are numerous, including cost effectiveness, elasticity, scalability and resource management. These benefits make cloud adoption inevitable. However, maximizing security and minimizing risk in the cloud demands a new level of security.
During my keynote, I addressed the perceptions – and common misconceptions – of the cloud, including security, privacy, cost, certifications and control. Next, I asked the audience of 150 compliance and security professionals to share their top concerns when it comes to using a cloud provider. Across the board, privacy and security ranked at the top of the list. We proceeded to discuss how cloud providers can alleviate these concerns by having industry standard certifications, such as an SSAE 16 SOC 2 Type 2, which ensures that proper security controls are in place and are working effectively. Additionally, hiring an independent third-party to audit the controls provides organizations with another layer of security with industry standard recognition.
At BioIQ, protecting our participant data is critical and certifications such as the SSAE 16 SOC 2 Type 2 help me sleep at night. Many customers won’t even consider doing business with us without this certification. BioIQ views this certification as an annual investment that helps increase potential clients, retains current clients and improves productivity and accountability.
Thank you to TAG, First Data and the panel participants for an evening of great conversation, networking and the opportunity to promote best practices for security in the cloud.
Wes Rhea provides executive leadership to help BioIQ meet growth challenges through centralization of all privacy and information security. His objective is to protect client data while enabling the business to succeed. He is responsible for developing, maintaining and reviewing the company’s privacy and information security policies and procedures.