What is Patient Data Segmentation Strategies within Security Service Edge (SSE) for Healthcare?
Patient data segmentation with Security Service Edge (SSE) categorises sensitive healthcare information based on access requirements. Combined with SSE's tools like SWG, CASB, ZTNA, and FWaaS, it ensures secure, role-based access, minimises data breach risks, supports compliance, and enhances data privacy across healthcare systems, improving both security and operational efficiency.
Patient data segmentation is essential for managing and protecting sensitive medical information whilst optimising healthcare delivery.
By integrating patient data segmentation with Security Service Edge (SSE), healthcare providers can be confident that patient data is safeguarded across a range of network edges.
SSE combines integral security features, such as Cloud Access Security Broker (CASB), Firewall-as-a-Service (FWaaS), Secure Web Gateway (SWG) and Zero Trust Network Access (ZTNA), into a single unified platform. In this article, we’ll explore how the integration of these capabilities works alongside patient data segmentation strategies to benefit healthcare providers.
Understanding Patient Data Segmentation
A common misconception is that patient data segmentation and network segmentation are the exact same thing – and it’s easy to understand why. Not only are they both forms of segmentation, but network segmentation is also often used in a healthcare setting.
Network segmentation, the process of isolating resources, applications or data from the rest of the network, is covered in our separate glossary article.
Patient Data Segmentation is the process of categorising patient information based on sensitivity and access requirements, or by demographics. A typical use case is to tier a patient record according to the sensitivity of each portion of information, hiding anything that falls outside the remit of the accessing healthcare professional’s or administrator’s duties. An abstracted example of how this hierarchy may work is:
- Low sensitivity data: Name
- Medium sensitivity data: Ongoing prescriptions
- High sensitivity data: Full medical record, billing information or full address.
Whilst not an exact example, the above highlights how reception staff (checking in patients to a hospital appointment) should be able to access a patient’s name, but should not be able to view the patient's full medical record.
In a similar fashion, a surgeon should not be able to view a patient's billing information due to this being outside of their line of work.
Patient data segmentation therefore focuses on controlling access to health data through isolation, ensuring that information (especially sensitive health data) is only accessible to those with the appropriate permissions and a genuine need to access it.
Implementing Patient Data Segmentation strategies enables healthcare providers to maintain strict security controls over sensitive information in order to comply with a range of regulations, which we will cover later in this article.
For healthcare providers, separating health information is not only a regulatory requirement but can also prove advantageous, with some of the key benefits of segmenting patient data being:
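The tiered hierarchy above, expressed as a field-level access policy: each record field carries a sensitivity tier and a segment, each role an upper tier per segment, and a record is redacted to the role's remit before it is returned. This is an added example, not code from the original article; the tier names, the roles (receptionist, surgeon, pharmacist, billing clerk) and the sample record are constructed for illustration.

```python
"""Field-level patient data segmentation by sensitivity tier and role.
Added example, not from the article; tiers, roles and the record are constructed."""
from enum import IntEnum


class Sensitivity(IntEnum):
    LOW = 1       # e.g. name
    MEDIUM = 2    # e.g. ongoing prescriptions
    HIGH = 3      # e.g. full medical record, billing information, full address


# Each record field carries a sensitivity tier and the segment it belongs to.
FIELD_POLICY = {
    "name":           (Sensitivity.LOW, "identity"),
    "prescriptions":  (Sensitivity.MEDIUM, "clinical"),
    "medical_record": (Sensitivity.HIGH, "clinical"),
    "billing":        (Sensitivity.HIGH, "administrative"),
    "address":        (Sensitivity.HIGH, "administrative"),
}

# Highest tier each role may read per segment; a segment not listed is denied.
ROLE_ENTITLEMENTS = {
    "receptionist":  {"identity": Sensitivity.LOW},
    "surgeon":       {"identity": Sensitivity.LOW, "clinical": Sensitivity.HIGH},
    "pharmacist":    {"identity": Sensitivity.LOW, "clinical": Sensitivity.MEDIUM},
    "billing_clerk": {"identity": Sensitivity.LOW, "administrative": Sensitivity.HIGH},
}


def visible_fields(role: str) -> set:
    """Fields a role may read. Unknown roles get nothing (deny by default)."""
    limits = ROLE_ENTITLEMENTS.get(role, {})
    return {field for field, (tier, segment) in FIELD_POLICY.items()
            if tier <= limits.get(segment, 0)}


def redact_record(record: dict, role: str) -> dict:
    """Return the record with every field outside the role's remit removed."""
    allowed = visible_fields(role)
    return {field: value for field, value in record.items() if field in allowed}


# Constructed sample record with fictional values.
SAMPLE_RECORD = {
    "name": "A. Patient",
    "prescriptions": ["metformin 500mg daily"],
    "medical_record": "full clinical history ...",
    "billing": {"insurer": "ExampleCare", "balance": 120.0},
    "address": "1 Example Street, London",
}

if __name__ == "__main__":
    for role in ROLE_ENTITLEMENTS:
        print(f"{role:14} sees {sorted(redact_record(SAMPLE_RECORD, role))}")
```

Because the filter is deny-by-default, a new field added to a record without a `FIELD_POLICY` entry is invisible to every role until it is classified.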
- More personalised patient care delivery
- Optimised resource allocation
- Improved security controls
- Regulatory compliance management
By segmenting patient data, the healthcare industry gains more granular access and control. Once segmented, healthcare providers can categorise data sets based on sensitivity, and network administrators can therefore enforce more precise access restrictions. As our example above indicates, no role in healthcare requires complete access to all of a patient’s health and other sensitive information (such as billing details or address) at any given time, so minimising this “super access” is essential to prevent data breaches and comply with regulations.
Implementing patient data segmentation reduces the risk and impact of a breach, because it limits lateral movement. By limiting what each account can reach, should a healthcare professional’s or administrator’s account become compromised, the malicious actor using it cannot access and then exfiltrate all the information about a patient, significantly reducing breach impact. Further to this, by preventing professionals from accessing data outside their remit, healthcare providers minimise the potential for insider threats.
And by putting this approach in place, healthcare providers can more easily comply with a range of different industry guidelines. There are many different regulations, each dependent on the geographical region that the healthcare provider operates within, with the following table indicating key differences between UK and North American healthcare regulations.
Different Aspects of Healthcare's Digital Protection Regulations From UK and North America
| Aspect | UK (GDPR, NHS Digital) | North America (HIPAA, PIPEDA) |
|---|---|---|
| Legislation Type | Comprehensive data protection (GDPR) with healthcare-specific guidelines (NHS Digital) | Healthcare-specific regulation (HIPAA) in the USA, and general data protection regulation (PIPEDA) in Canada, with adaptations for the healthcare sector |
| Scope | All personal data, including healthcare data handled by both public and private sectors | In the USA, applies to healthcare providers, insurers, and their business associates. In Canada, applies to all personal data, including healthcare data handled by commercial organisations |
| Data Sharing within Networks | Strict rules about sharing with third parties without explicit consent; NHS Digital oversees secure data sharing within NHS networks | Allows sharing of patient data for treatment, payment, and operations without explicit consent but requires safeguards in the USA. In Canada, allows sharing with adequate consent; organisations must establish policies for data exchange security |
| Data Encryption Requirements | Encryption is recommended under GDPR as a security measure; NHS Digital has strict guidelines for encryption to protect patient data during transfer | HIPAA mandates encryption of electronic Protected Health Information (ePHI) during storage and transmission, particularly in networks. In Canada, PIPEDA recommends encryption as a best practice for secure data exchange, focusing on minimising unauthorised |
| Data Breach Notification | Mandatory notification to the ICO within 72 hours for breaches, including those impacting healthcare networking | Mandatory notification to HHS and affected individuals without unreasonable delay, generally within 60 days, in the USA. In Canada, mandatory notification to the OPC and affected individuals is required when a breach poses a significant risk of harm |
| Patient Consent | Explicit consent is required for the processing of patient data; NHS Digital provides a framework for managing patient consent for data sharing | Implied consent is sufficient for treatment, payment, and operations in the USA, while written consent is needed for non-standard use. In Canada, implied consent is used for essential healthcare services, while explicit consent is needed for secondary use |
| Data Portability | Patients have the right to request copies of their data in a portable format, including healthcare records (applies under GDPR) | HIPAA guarantees patient access to health records, allowing digital copies if feasible, but no specific portability format is mandated. In Canada, PIPEDA requires organisations to provide access to personal data in an accessible format upon request |
| Third-Party Vendors | GDPR holds both data controllers (e.g. hospitals) and processors (e.g. vendors) accountable; Data Processing Agreements are required | Both HIPAA in the USA and PIPEDA in Canada require organisations to ensure third-party vendors meet privacy obligations. HIPAA mandates Business Associate Agreements (BAAs) for all third parties handling ePHI, whereas PIPEDA recommends contracts to ensure |
| Data Localisation | Data can be processed within the EU/EEA or other countries with adequate protection; special considerations apply to NHS patient data for security and privacy | No localisation requirements in the USA; patient data can be stored offshore provided HIPAA requirements are met. In Canada, there are no specific localisation requirements, but organisations must protect transferred data, including cross-border data shar |
| Interoperability & Standards | NHS Digital supports interoperability and data standards such as FHIR (Fast Healthcare Interoperability Resources) to facilitate secure networking between systems | Encourages interoperability through ONC standards and FHIR adoption in the USA, focusing on secure communication channels within healthcare networks. Canada also supports interoperability, often guided by provincial regulations, and generally follows FHIR |
However, one of the common features of these regulations is that healthcare providers must maintain a level of access control over patient information. By segmenting patient data, healthcare providers demonstrate a clear strategy for maintaining access control, potentially simplifying compliance processes and making both audit trails and reporting more manageable in the long term.
Beyond regulatory reporting, data analytics and research tasks also benefit from segmented patient data. By isolating sets of information, researchers can analyse specific data sets without exposure to unnecessary data (such as sensitive patient information or data from demographics outside the study). Enabling access to anonymised data whilst preserving patient privacy benefits research-driven tasks significantly, and introduces fewer data breach vulnerabilities.
Implementing Patient Data Segmentation within SSE
The core functions of SSE (SWG, CASB, ZTNA and FWaaS) all work in unison to support Patient Data Segmentation measures.
Secure Web Gateway (SWG) monitors and controls web traffic, preventing unauthorised access to patient data on web applications, including through techniques such as session hijacking. This means that SWG can be used to protect web-based Electronic Health Record (EHR) systems, patient portals and telemedicine platforms, amongst many other systems. It protects patient data stored on or transmitted through these systems, supporting the data confidentiality that Patient Data Segmentation offers.
Whilst SWG protects web usage, healthcare providers are typically moving to cloud applications and therefore need security in place to protect these cloud environments. The Cloud Access Security Broker (CASB) capabilities within SSE provide visibility and control over data stored in cloud applications, ensuring that patient information remains secure when accessed remotely. This can also apply to cloud-based EHRs and Telemedicine, as well as clinical data warehousing, Health Information Exchange (HIE) and cloud-based medical imaging systems.
Cloud Applications used in Healthcare Environments
| Cloud Application | Description |
|---|---|
| Electronic Health Record (EHR) Management | Cloud platforms for managing health documentation, integrating electronic medical records, and practice management services. |
| Telemedicine and Patient Care | Cloud-based platforms enabling virtual consultations, patient communication, and remote healthcare delivery. |
| Clinical Decision Support | Systems that assist healthcare professionals with real-time diagnostics, patient data analysis, and medical training tools. |
| Data Security and Compliance | Cloud solutions focused on protecting sensitive patient data, ensuring GDPR and HIPAA compliance, and secure document management. |
| Healthcare Analytics and Management | Integrated platforms providing data analytics, machine learning, and tools for operational efficiency in healthcare. |
| Revenue Cycle Management | Solutions aimed at optimising financial workflows, billing, and revenue management in healthcare organisations. |
This is ideal for enabling the use of the cloud within a healthcare environment, whilst also supporting Patient Data segmentation practices.
With SWG and CASB enabling data to be accessed by mobile and remote workforces, healthcare providers might be wondering how they enforce network security policies on these users in the same manner that they do for on-site professionals. SSE has this covered too, with Zero Trust Network Access (ZTNA), which enforces strict access controls, verifying each access request to patient data regardless of the user's location or device. This supports Patient Data Segmentation by ensuring that the accessing user holds the correct privileges and meets the access requirements, and denies data access when these criteria are not met.
And in the event of a breach, SSE offers both its Firewall-as-a-Service (FWaaS) and Data Loss Prevention (DLP) functionalities, which monitor and protect sensitive patient data from unauthorised transmission or exposure. These reinforce the patient data segments, detecting attempts to exfiltrate data by moving it from one segment to another.
Best Practices for Patient Data Segmentation in Healthcare
There are many best practices that we would recommend healthcare providers adhere to when implementing Patient Data Segmentation. Before implementing any forms of segmentation, the first recommendation we would make is that healthcare organisations must ensure the integrity of their data through de-duplication.
Data de-duplication requires the identification and removal of data that has been stored multiple times, simplifying data management and making data entry and update processes easier for professionals and administrators. De-duplication also means that there are no inconsistencies in access privileges. For example, if a patient’s ongoing care details are stored in multiple places, access privilege inconsistencies may mean that healthcare professionals can still access the data in one segment even if they aren’t authorised to access it in another.
Once duplicate data has been removed, data must be standardised into designated formats, which minimises inconsistencies and helps administrators find incomplete records. This helps prevent incorrect information being entered, or data being entered in the wrong location, either of which may interfere with segmentation privileges.
To begin implementing data segmentation, healthcare providers should establish clear criteria based on a range of factors, which can include (but are not limited to):
- Demographic information
- Medical conditions
- Behavioural patterns
- Access requirements
- Security sensitivity levels
Once these have been determined, healthcare providers can implement a role-based access control system to ensure that only authorised personnel can access certain types of patient data, protecting data from being accessed unnecessarily (such as in the event of a breach).
A more well-known security best practice is encrypting stored patient health data, but this doesn’t meet all security needs. Sensitive patient data should also be encrypted in transit between segments, protecting it against unauthorised access if it is intercepted.
Finally, healthcare providers should conduct continuous monitoring and auditing of data access, logging who and what has accessed sensitive data in order to create an audit-ready trail. This means, in the event of a data breach, healthcare providers can locate affected segments and the source of the attack.
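The final step above, continuous monitoring and auditing of data access, can be worked through against a constructed access log. This added example (not code from the original article) reviews "who accessed what" records for two conditions the article raises: an account reading a segment outside its role's remit, and a single account reading the sensitive segments of many distinct patients in a short window, the pattern a compromised account leaves when it attempts bulk exfiltration across segments. The log format, account names, role-to-segment mapping and thresholds are all assumptions made for the example.

```python
"""Audit-log review for segmented patient data (added example, not from the
article). Log format, account names, roles and thresholds are constructed."""
from collections import defaultdict
from datetime import datetime, timedelta

# Segments each role may read, deny by default; mirrors the article's tiers.
ROLE_SEGMENTS = {
    "receptionist": {"identity"},
    "surgeon": {"identity", "clinical"},
    "billing_clerk": {"identity", "administrative"},
}
SENSITIVE_SEGMENTS = {"clinical", "administrative"}
BULK_THRESHOLD = 5               # distinct patients per account per window
BULK_WINDOW = timedelta(minutes=10)

# Constructed sample access log: timestamp, account, role, segment, patient.
SAMPLE_LOG = """\
2024-11-18T09:00:00 user=rec01 role=receptionist segment=identity patient=P100
2024-11-18T09:01:00 user=rec01 role=receptionist segment=clinical patient=P100
2024-11-18T09:02:00 user=surg07 role=surgeon segment=clinical patient=P101
2024-11-18T09:02:30 user=surg07 role=surgeon segment=administrative patient=P101
2024-11-18T09:03:00 user=surg07 role=surgeon segment=clinical patient=P102
2024-11-18T09:03:20 user=surg07 role=surgeon segment=clinical patient=P103
2024-11-18T09:03:40 user=surg07 role=surgeon segment=clinical patient=P104
2024-11-18T09:04:00 user=surg07 role=surgeon segment=clinical patient=P105
2024-11-18T09:30:00 user=bill02 role=billing_clerk segment=administrative patient=P106
"""


def parse_line(line: str) -> dict:
    """Parse one 'timestamp key=value ...' log line into a dict."""
    ts, *pairs = line.split()
    event = dict(pair.split("=", 1) for pair in pairs)
    event["ts"] = datetime.fromisoformat(ts)
    return event


def review(log_text: str) -> list:
    """Return (timestamp, account, reason) findings in log order: reads outside
    the role's remit, and BULK_THRESHOLD or more distinct patients' sensitive
    segments read by one account inside BULK_WINDOW (alerted on first crossing)."""
    findings = []
    recent = defaultdict(list)   # account -> [(ts, patient)] sensitive reads
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ev = parse_line(line)
        if ev["segment"] not in ROLE_SEGMENTS.get(ev["role"], set()):
            findings.append((ev["ts"], ev["user"],
                             f"out-of-remit read of {ev['segment']} segment"))
        if ev["segment"] in SENSITIVE_SEGMENTS:
            # Slide the window forward, then count distinct patients in it.
            window = [(t, p) for t, p in recent[ev["user"]]
                      if ev["ts"] - t <= BULK_WINDOW]
            window.append((ev["ts"], ev["patient"]))
            recent[ev["user"]] = window
            distinct = {p for _, p in window}
            if len(distinct) == BULK_THRESHOLD:
                findings.append((ev["ts"], ev["user"],
                                 f"{len(distinct)} patients' sensitive data read within one window"))
    return findings
```

Run over the sample log, the review flags the receptionist's clinical read, the surgeon's administrative read and, at 09:04, the surgeon's fifth distinct patient within ten minutes; in a real deployment the same checks would run over the SSE platform's access logs and feed the audit trail.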
Challenges in Patient Data Segmentation
When segmenting any system or dataset, there are always challenges and concerns regarding the level of access required in order to carry out daily tasks. For example, in a healthcare setting, professionals may need to share patient data if there is a safeguarding issue and sharing is in the best interests of patient wellbeing. Given that patient information would otherwise be segmented and isolated, having proper procedures in place is essential to prevent unauthorised sharing of data.
As healthcare data systems come in various forms, often split over multiple platforms, managing and segmenting patient data can become more challenging due to differences in policies or micro-segmentation capabilities. Prior to implementing Patient Data Segmentation, network administrators within the healthcare industry must consider these differences and plan their systems around them. One of the best ways to mitigate these limitations is data de-duplication, which, as previously mentioned, prevents the same patient data from being stored across segments with varying security policies.
Further to this, network administrators must ensure interoperability, which requires understanding how data flows between different segments whilst still applying security layers. We would recommend that any traffic transmitted between different patient data segments is encrypted in order to maintain the integrity and confidentiality of the data.
Case Studies
One of the more notable case studies for Patient Data Segmentation is Cromwell Hospital. At Cromwell Hospital in London, there were concerns over the security of unmanaged medical devices, such as CT, MRI and legacy equipment. To meet these requirements, Cromwell Hospital implemented Elisity Cognitive Trust, a solution that identifies unmanaged devices, provides a software-defined zero trust architecture and implements Patient Data Segmentation. The solution was implemented in two days with minimal disruption, and ensured that patient data was isolated and encrypted between equipment, leading to improved data security and integrity.
Another case study is Frimley Integrated Care System (ICS), which used population health management analytics to identify more high-risk patients, enabling remote monitoring to proactively manage these patients’ care. This was key for Frimley ICS as it led to a reduced workload on primary care teams, reduced volumes of hospital and GP visits, and improved patient outcomes.
By segmenting patients based on risk and implementing remote monitoring, Frimley ICS moved from a reactive to a proactive model of care, optimising resource allocation and improving overall efficiency.