infographic healthcare breaches
infographic healthcare breaches

Source: HIPAA Journal

Keep your Healthcare applications secure with EasyHealth

With an average cost per patient of $429/419€ [1] in the event of a data breach, one does not need to make a lot of calculations to see how essential patient data security should be apart from the moralities.

What do I need to pay attention at? Can I just let someone else do it and not worry about it?

EasyHealth is your solution

  1. Why a managed storage service?
  2. The two EasyHealth solutions compared
  3. Data privacy issues in the public cloud
  4. Pricing

The problems with healthcare data

Healthcare data is of much value, and therefore a constant target for hacks. Just imagine the benefit for advertising or insurances, if companies would know about all the illnesses of a person. And especially how much people woud be willing to pay for a snake oil cure that promises instant relief.

Evil employers would benefit as well, being able to “kick out” ill or pregnant people in time.

Even though these are hopefully still science fiction scenarios, you can easily see why hackers target clinics and healthcare providers.

Let us look at some numbers:

2,550 data breaches have compromised over 189 million healthcare records in the last decade.

89% of healthcare providers have undergone a data breach.

Cyber threats are expected to hit $6 trillion in losses by 2021.


Reasons for breaches

Oftentimes the reasons for a databreach can be broken down into:

  • Software that is not updated
  • Servers that are not isolated (on-premise)
  • Wrong usage of the public cloud
  • Missing backups
  • Bad networking setups

Usually clinics and healthcare providers focus their time and effort somewhere else, and end up just installing software once, never updating it. Same as your phone and computer updates, the clinic systems should be updated as well to patch new security leaks. There is a whole industry designed to discover new security leaks in applications and software, and sell them as “zero day exploits” to the highest bidder. Of course these leaks get “patched”(fixed), but if no one install the update, the well known exploit will always remain open for everyone to use.

Additionally, a lot of people do not implement the matching security measures when using the public cloud, leaving ports and machines open for everyone to access.

Due to these breaches, both the US and EU have implemented strict laws regarding storage of healthcare data.

In the US, this protocol is called “HIPAA”, or “Health Insurance Portability and Accountability Act” in the longform.

In Germany and the EU, these specifications are divided into the general part called “GDPR” (The General Data Protection Regulation) and further laws defined by each state, like the “BayKrG” (Bayrisches Krankenhausgesetz).

Even though there are complex sections, they can be basically summarized for both as:

1. Encrypting data

  • Data should always be encrypted both on the disk, as well as in transport (SSL)

2. Let users only see what is necessary

  • A nurse should only see medical data she needs
  • Someone from accounting should only see “numbers” etc.

3. Log who edited and saw what

  • In case there is a breach or violation, you should be able to identify who accessed what

4. Be prepared to report a breach if it happened

  • You are required by law to submit a report if a breach occurs, in a short amount of time including details that should be prepared beforehand

5. Physically secure servers

  • Only authorized people should be able to access servers
  • Logging who did what

6. User management system

  • Automatically expire passwords after time x
  • If an employee leaves the company, his credentials should automatically expire

What can EasyHealth do for you?

Assessment of the status quo

We can consult you to get a “status quo” report on what you are already implementing, and where you have areas of improvement. Book a free 15-minute consultation to find out more.

Compliant Hosting

With our Hosting services both in the US and Germany, we are offering compliant hosting outside of public cloud providers, providing you a secure and isolated “private cloud”. Check out EasyHost to learn more, or book a free 15-minute consultation.

Managed compliant Kubernetes

You are already well experienced in Kubernetes, but are looking for someone to offer a secure and private Kubernetes hosting solution? You have come to the right place, with EasyKube.

Managed compliant Databases

We are offering compliant and secure Postgres (SQL) and MongoDB (NoSQL) databases. Check out EasyDB to learn more, or contact us for other databases that you need to have managed.

Webapplication programming

We can create Microservices, Websites and full applications using state-of-the-art tools, all compliant to German or US compliance laws. Book a free 15-minute session to discuss your plans.

Secure & compliant data archival

You are just looking for a safe way to archive or store your medical data? Check out EasyStore to learn more, or contact us to discuss your plans.

Not exactly what you were looking for?

Check out our other services:


We are offering a huge variety of storage solutions:

  • Do you want something like Dropbox/Google Drive/OneDrive? Check out "EasyStore Drive".
  • You are rather looking for an S3 compatible object storage? Check out "EasyStore S3".
  • Are you looking for a way to host your own data driven applications? Our managed Kubernetes "EasyKube" or hosting in general "EasyHost" might be something for you.

  • Looking for something else? Book a free 15-minute consultation to find out more.


    We are offering a huge variety of hosting solutions:

  • "EasyFAAS" allows you to "just run" your code, without worrying about servers, infrastructure and everything. It is a FAAS (function-as-a-service) solution, and therefore the highest infrastructure abstraction that you can get.
  • Our managed Kubernetes "EasyKube" helps you to get up and running with Kubernetes in seconds, with domain based routing and persistence by default.
  • Are you looking for an individual hosting setup? "EasyHost" might be something for you.

  • Looking for something else? Book a free 15-minute consultation to find out more.



    Data Engineering is in our blood. If you are looking for a way to host your machine learning models in a secure and compliant way, then we are you perfect partner.

    You have a lot of data and want to gain new insights? We will be able to create ETL (extract-transform-load) pipelines, host and store unlimited data, create models from it and create visualizations and recommendations for your business.

    Book a free 15-minute consultation to find out more.

    Consulting & Development

    Having a broad knowledge of Cloud, Data and DevOp technologies, we will be able to consult and help you with any project

  • Python, Go, Web & React programmers
  • ETL pipelines
  • SQL & NoSQL experts
  • Kubernetes
  • Docker
  • Cloud
  • Strategies and Business Decisions

  • Book a free 15-minute consultation to get an individual offer.