Cloud computing—the process by which data, including healthcare data, is stored, processed and distributed across a network of Internet-hosted servers rather than a local-based server or a personal computer—is becoming a more widely used term in healthcare.
Still, many executives are confused about how cloud computing will impact their organizations.
Don Martin, vice president and technology practice lead at healthcare consultancy Novia Strategies, says gaining this understanding is critical.
“Developing a thorough knowledge and appreciation for both the risks and the benefits available from cloud computing will position hospital technology leaders to adopt and manage 'big data' more effectively and economically,” he says.
Here are 10 key things Martin says healthcare executives should know about cloud computing:
1. Cloud computing allows organizations to store and manage “Big Data” and releases the organization from the need to develop and manage server and supporting infrastructure internally.
2. The fact that cloud computing provides authorized users with on-demand access to health data users anytime and at any place generates significant end-user satisfaction.
3. Cloud computing is economical; it allows healthcare organizations to benefit from the economies of scale available when sharing cloud-computing technology assets and services with organizations sharing the same platform.
4. Cloud service fee structures are elastic and scalable; organizations pay for as much or as little as they use. Additionally, cloud computing enables the healthcare organization to shift capital investment requirements and obsolescence risk to the cloud service provider.
5. Major cloud computing vendors provide HIPAA compliant technology services, and in many cases, can do so more consistently and reliably than an individual healthcare organization.
6. By virtue of sharing “cloud space” alongside other organizations, the healthcare provider “releases” control over its data, including PHI data.
7. Cloud service providers must be carefully evaluated and selected on the basis of their demonstrated ability to manage regulated data using best practices, including data encryption practices, availability of private as well as public (i.e., multi-tenancy) cloud services, data breach and threat detection monitoring systems.
8. Consider a vendor’s track record for system response time, availability and reliability. Best practice among cloud providers is demonstrating a server availability uptime rate of 99.999+%. Nevertheless, system unavailability is a constant concern and organizations should also carefully evaluate a service provider’s disaster recovery and business continuity capabilities.
9. When entering into a service agreement with a cloud provider, negotiate the exit agreement and terms upfront, particularly with respect to a request for the return of data to the organization and timeframe for complying with such a request.
10. As with any service hosting agreement, development of a comprehensive Service Level Agreement (SLA) outlining scope of services, service provision terms, performance metrics and measurement intervals and escalation and resolution measures should be agreed upon before entering into the agreement.