Strengthening patient data integrity with advanced security and AI solutions

By Helia Mohammadi, Chief AI and Precision Health Officer, Microsoft

April 2, 2025

Microsoft’s security toolkits provided a ready-made solution that allowed an Ontario-based health network to create a stable environment that maintains continuity of care even in the face of disruptions.

A cyberattack has the potential to be catastrophic in any industry. But in healthcare, the impacts are on the level of life and death, compromising access to patient information and to critical digital tools that affect delivery of care.

What’s more, a cybersecurity incident not only has a toll on the impacted hospital, but creates a domino effect on unaffected hospitals. This interruption can drive up waiting room times by as much as 46% and stroke code activations by as much as 47%.

Given the stakes, ransomware attacks and other disruptions to healthcare security pose a major challenge to providers across the industry. But many organizations lack the internal resources to research, evaluate, and implement new security tools and solutions on their own.

That was certainly the case for Mackenzie Health, a two-hospital health network in Richmond Hill and Vaughan, Ontario. “One of the challenges healthcare organizations face is keeping up with constantly evolving cyber threats while we are working with very limited resources,” says Felix Zhang, the health network’s Chief Technology Officer. “We found that adopting the security toolkits provided by Microsoft was a much more effective approach.”

Protecting the integrity of patient data even through disruptions

Earlier this year, Mackenzie Health worked with Microsoft and Sapphire Health Technology Consulting to build its first cloud-hosted electronic medical record (EMR) instance on Azure, which allows the organization to sync its on-premises EMR database to its cloud infrastructure in real time. This cloud read-only instance allows providers and clinicians to access essential patient information, such as demographics, allergies, medications, lab results, and clinical notes, ensuring continuity of care even during a production system outage or cyber incident.

In addition, this copy of the EMR database is isolated from other EMR environments to reduce the risk of cross-contamination during a cyberattack, helping Mackenzie Health protect the integrity of its patient data.

The organization has also adopted almost a full stack of Microsoft security products, including secure email, endpoint protection, multi-factor authentication, and more. This offers users a unified experience across all the platforms, improving operational efficiency and simplifying training, making it easy for users to learn and adopt the new tools.

Custom apps that can be built in days, not months

These enhancements to Mackenzie Health were just the latest step in a long partnership with Microsoft. Since starting its cloud migration journey a few years ago, the organization has migrated most of its business applications to the cloud and leveraged Power Apps to save time, improve efficiency, and fill gaps in its digital capabilities across the organization, from finance to lab. “During the COVID-19 pandemic, we developed an online scheduling system for the vaccination clinic using Power Apps in less than a week,” says Zhang.

Getting ready for next-gen infrastructure and security challenges

How does Mackenzie Health plan to navigate the next stage of digital evolution and security threats?

“As our on-prem infrastructure ages and approaches its end of life, we will shift our focus to evaluating the next-gen infrastructure options for our client computing and clinical systems,” says Zhang. “By leveraging this partnership, we are now better prepared against cyber threats, ensuring that patient care remains safe and undisturbed during a cyber event, and also to maintain the integrity of our data.”