I finished the “Cloud Security Considerations for the Healthcare Industry” course held by Kevin L. Jackson on the Linkedin Learning platform.

The cloud computer is now widely used and different security measures are needed in different sectors. Therefore it is clear that healthcare faces unique cybersecurity challenges, including rules and regulations that protect patient privacy. Specifically, this course explores health-specific cloud security requirements, broken down by region: Asia, Middle East, Europe, Oceania, Africa, and the Americas. After a preliminary overview of cloud computing and its vulnerabilities, the course analyzes the healthcare sector’s approach to cybersecurity in general. Regional analyzes are then analyzed, exploring the safety requirements for each area. So the course concludes with a review of the main threats and some real case studies that show how different security controls can be used to defend companies from cyber attacks.


Hence the course highlights the importance of health data protection. It is clear that keeping data in the cloud has now become a business imperative but it is mandatory to follow the challenge by knowing global data protection and privacy laws, major threats to health data and how to select security controls to protect data from such threats.

Cloud computing

Cloud computing indicates a paradigm for the provision of services by a supplier to an end customer through the internet. These services include processing, storage, data transmission, etc. Therefore, starting from a set of pre-existing resources, these are configured in such a way as to be available remotely as a distributed architecture.

The architecture therefore envisages several real servers physically located in the service provider’s data centers. These are followed by the interfaces for the management of services (configuration, activation, deactivation) and for use. It is therefore possible to distinguish between different types of services:

  • SAAS, software as a service, in which programs installed on the remote server are used
  • DAAS, data as a service, where the data made available is used
  • HAAS, hardware as a service, where the power of the computer is used remotely
  • PAAS, platform as a service, in which platforms are used that integrate different software
  • IAAS, infrastructure as a service, in which different hardware resources such as servers, network capacities and archives are exploited for the platforms that need them