Every organization is considering “cloud” approaches for their business, yet if you ask “what is cloud” you’ll get a wide range of answers. This variety of cloud options has an impact on healthcare organizations, especially those contemplating a future cloud strategy aligned to regulatory compliance.
Technically, cloud computing have five essential characteristics: on demand self-service, broad network access, resource pooling, rapid elasticity and measured service. Healthcare organizations implementing a cloud strategy can use a variety of deployment models. These models are public cloud, private cloud, community cloud and hybrid cloud – and healthcare companies can implement cloud functionality in different ways.
Let’s explore a few use cases from select industries that highlight the effective use of varied cloud options. Some of these use cases, and their use of cloud deployment models, can be applied to the healthcare industry.
- A large hotel chain determined that they “were not in the data center business” and wanted to turn capital expenditure into operational expenditure. Being able to scale geographically and having a flexible consumption model bolstered by strong service level agreements were key considerations. In this case, a multi-tenant public cloud strategy is effective. This enables a phased-application migration off the existing data centers and provided a flexible staging and test area. More importantly, significant cost savings went back to the business.
- A large manufacturer launched a video surveillance-as-a service. This business model required massive access to network connectivity, as well as enterprise-class availability in an extremely secure environment. This approach utilized all of the characteristics of the scale and consumption models of a cloud compute platform, but segmented their data and applications in a private cloud. The architectural component and security control flexibility met stringent data security requirements.
Varied cloud models and the simplicity of consumption-based pricing give healthcare organizations a unique opportunity to implement new applications without significant technology investments. This can be seen in the above situations.
When it comes to protecting electronic patient health information (ePHI) many healthcare organizations have a concern that their data is more exposed or vulnerable to breaches when they outsource parts of their network to third-party cloud vendors. Studies show that this is not likely. In fact none of the data breaches analyzed in Verizon’s 2013 Data Breach Investigation Report occurred when organizations used a third party hosting or “cloud” provider.
Most enterprise-class cloud providers have rigorous security methodologies in place (for their own business models to be successful) and in many cases healthcare organizations that outsource to a cloud provider can improve the security controls for their organization.
In my next blog, I will discuss how healthcare companies can plan a phased migration to the cloud, and the optimal selection of the cloud methodology for their business.