Change Healthcare is providing healthcare leaders the keys to cloud security with Change Healthcare Security Management, which includes a “Bring Your Own Key” (BYOK) service now offered as part of the company’s cloud-based HealthQx value-based care analytics suite.
Change Healthcare HealthQx is an episode analytics suite that helps payers and providers accelerate value-based payment innovation that uses the Microsoft Azure cloud. HealthQx collects, analyzes, and reports claims and other information to help healthcare stakeholders design, develop, scale, and improve their value-based care programs.
As part of Change Healthcare’s approach to enabling payers and providers to have immediate, granular control over their cybersecurity profile, customers using the HealthQx value-based care analytics suite can now make security changes without involvement by Change Healthcare personnel, and have their cloud-based systems re-encrypted and operational without service interruptions.
Full control is in the customer’s hands, including audit and monitoring checks that flag changes. This agile capability is in stark contrast to traditional key management, which is error-prone because it requires planning, training, communication, and orchestration with a team of people manually working across multiple organizations.
Prior to the release of this new Change Healthcare Security Management BYOK service, cloud encryption keys in healthcare were traditionally the responsibilities of solution vendors to manage. Providers and payers had to contact their vendors to respond to requirements large and small, including routine key updates, revocation of employee clearances, perceived threats, or actual attacks and breaches. This outdated, manual process costs payers and providers valuable time and can have an impact on data being compromised or remaining secured.
This new BYOK capability in the Change Healthcare Security Management suite lets payers and providers create, update, or revoke encryption keys on demand, enabling rapid responses when potential or active threats to sensitive data in the cloud are anticipated or encountered. Payers and providers can invoke a virtual “kill switch” that instantly stops access to protected data and services and can re-enable access within minutes using a new encryption key—effectively blocking active threats.
