According to data compiled by the Department of Health and Human Services’ Office for Civil Rights, more than 2,180 healthcare data security breaches occurred between 2009 and 2017. Those breaches affected 54.25 percent of the U.S. population. As a result of the severity of this issue, healthcare administrators seek innovative ways to prevent data theft and other cybersecurity breaches. And more and more are turning to experienced architects for design expertise.

Thoughtful architecture strategy and design bolster security in hospitals and other healthcare facilities to protect sensitive patient information and limit access to authorized personnel-only spaces.


Architects help hospital administrators overcome healthcare data security challenges.

How Architects Improve Healthcare Data Security

Safeguarding sensitive data is top of mind for healthcare administrators across the country, and, due to the malicious intents of hackers, their security efforts are never-ending. Architects help administrators overcome security challenges by designing for the following:

  • Balanced Open and Secure Areas. Architects strive to create spaces that are welcoming to all and improve the overall patient experience. However, creating a more open facility means more vulnerability to data security breaches. To prevent access to data storage and other personnel-only areas, architects must separate them from community spaces through improved wayfinding and use of partitions, privacy glass, and other subtle design features that don’t alienate patients and visitors. Doors to secure areas should be painted with subtle colors (grey-green, pale blue, or plain white) that blend into the background and are less noticeable to visitors. Visitor entrance doors, on the other hand, should be bold in color to attract the eye.
  • Improved Visibility and Eyes in the Sky. Clear lines of sight in common and secure areas allow healthcare staff and security personnel to more quickly identify an intrusion. Additional security features, such as cameras and motion sensors, should also be implemented.
  • Enhanced Check-In Process. Upon arriving in the reception area, patients enter their information into a data-secured kiosk surrounded by privacy screens. No words are spoken, so there’s no risk of eavesdropping. The kiosk is also a paperless system, so there are no documents to get in the wrong hands. Greater patient privacy leads to improved patient satisfaction levels.
  • Improved Reception-Area Privacy. To ensure that reception desks are truly private, architects often use Virtual Reality (VR) technology and 3-D modeling during the planning stage. We used both of these top healthcare trends to help us strategize the waiting area of Henderson Hospital in Henderson, Nevada, and test the line of sight from every angle of the space.
  • Reinforced Protocols. Architects build layers of security into protected areas to encourage healthcare staff to follow proper security protocols. For example, not only should the main entrance to an IT space be locked, but the rooms inside that area should also be secured.

These solutions won’t prevent every security breach or hacking incident, but they can close common security loopholes and offer additional protections for data storage systems.

aiser Permanente’s self-service kiosks improve healthcare data security.

Designing for the Future of Healthcare Data Security

One of the greatest challenges that healthcare sector administrators face is implementing a security system that accounts for the needs of the present and the future. For example, more healthcare facilities are using cloud storage to keep their data secure, but the cloud presents security risks of its own. Cyber hackers are constantly finding new ways to access sensitive information, while security professionals continue to thwart them with more efficient protocols.

To allow healthcare administrators to keep up with the latest data security technological advancements and best practices, architects must design with flexibility. For example, to meet a medical supply storage need today, an architect might design using flexible features, such as wheeled shelving. That flexible shelving can later be wheeled out to allow the space to meet an IT need in the future, such as an office for an IT manager or to hold a larger air-conditioning unit needed for an IT system upgrade.

The transition can be made easily and without costly renovations. For example, designing a small IT closet or security room won’t strain a budget, but creating a security system for a facility can be expensive. By coordinating with security contractors architects are able to stay well within budget in order to meet their client’s expectations.

When you hire an architecture firm that understands the importance of both security and flexibility, you’ll help ensure that your facility is always prepared for future growth and technological improvement. At HMC Architects, we design using security features that protect data and patient privacy, and improve staff efficiency.

To learn more about designing for healthcare data security, contact HMC Architects today. If you have specific questions about the design strategies covered above or our planning process, email George Vangelatos, Chief Design Officer, directly.


  • Photo by Chris Grant