Despite intense concerns about data and HIPAA rules, the cloud is poised to become a big part of healthcare. But much of it is likely to remain on-premises or private clouds, with some reliance on the public kind.
A survey from Level 3 and HIMMS Analytics finds growing adoption of cloud for a range of healthcare functions, significantly growing in just the past two years. The survey finds 47% of survey respondents were planning to use the cloud for back office functions, up from 22% just two years ago. Likewise, 47% were planning to use the cloud for business continuity and disaster recovery in 2014 — up from 31% in 2014. Another 41% are using cloud services to support involvement in health information exchanges, up from 20% two years ago. “There’s more to come,” the survey’s authors add, “as the cloud is poised to play a prominent role when healthcare organizations deploy telemedicine, mobile health applications and remote monitoring tools.”
Many healthcare providers already are using or planning to use the cloud, the HIMMS researchers conclude. “Organizations are increasingly willing to trust the cloud with protected health information. Healthcare providers are testing cloud platforms with back office applications first, with plans to leverage cloud solutions to manage analytics, storage and rolling out patient facing applications.”
Another survey by SADA Systems finds that 89% of healthcare IT professionals said their organizations are using cloud-based apps, “resulting in happier patients, better treatment and more efficient hospital administration.”
Is healthcare going out to the cloud, or some more nuanced, public-private hybrid more likely in an industry with overwhelming privacy and regulatory concerns? I recently had the opportunity to pick the brain of Joel Taylor, who is CIO with CarePoint Health, who discussed the best fit for the cloud services his company is using. The discussion was part of my work with Forbes Insights.
Overall, the prognosis is good. “We first dipped our toe in the pool about three years ago and haven’t looked back since,” he says. “Overall, our experience has been fantastic, so much so, that we’ve significantly expanded our cloud platform to where a vast majority of what we do is cloud-based.” Most of CarePoint’s cloud efforts are hybrid, with much of it tilting to private clouds.
“Eighteen months ago we had nothing in the cloud, and now, most of our key business applications are in the cloud,” says Taylor. The cloud has enabled us to react to disaster in a different way and pushed business continuity through the roof without spending hundreds of millions of dollars on multiple data centers and thousands of pieces of equipment.”
The company employs private cloud technology to enable connectivity and improve disaster recovery time. “We have the ability to update applications and hardware with little to no downtime across the entire organization,” says Taylor. The company relies on Dell XC Web-Scale Converged Appliances powered by Nutanix. The company also deployed a secure healthcare cloud, leveraging Dell MSite and Dell Cloud Clinical Archive, to support clinical applications and mission critical tasks. “Overall, cloud has been a majorly significant part of our business,” he relates. The company uses Dell Cloud Services to host electronic medical records.
The company also employs public cloud services, Taylor says. ”We also do some work with Amazon Web Services. We’re currently in the testing phase of leveraging AWS beyond storage, but for now we’re just using simplified archived solutions for some of our medical practices.” Carepoint is also evaluating the connectivity of its Nutanix hyperconverged environment, “as well as the ability to utilize AWS compute and Microsoft Azure compute for capabilities such as disaster recovery and standing up proof-of-concept environments.”
Currently, “CarePoint uses AWS to store some nonessential data,” Taylor emphasizes. “As part of our security initiative, we leverage Amazon’s high-end encryption for that data, in addition to making sure it is encrypted on our end beforehand.” He states that “protecting patient information is a top priority,” and thus full public cloud is not an option at this time. “We avoid putting sensitive information, like medical records, on the public cloud for obvious reasons, like HIPPAA,” he states. “There simply isn’t enough insurance with the public cloud. Similarly, we like to avoid placing applications that contain intellectual property or confidential business information on the public cloud.”
Data that could be considered for public cloud includes that which “doesn’t contain confidential business operations, intellectual property, patient records or de-identified information,” he states. However, he adds, “we do not see a need for this at the moment, as the volume of that information is so minuscule.”
Cloud “allows me to keep my team lean and focused on the core business of what we do – healthcare,” says Taylor. “Because I no longer need an army of people to focus on servers and storage arrays, I can divert a significant amount of money toward IT services and offerings that benefit my business.”
This article was written by Joe McKendrick from Forbes and was legally licensed through the NewsCred publisher network.