Global Edition
Cloud Computing

Infrastructure reality check: What can go in the cloud, really?

Some healthcare CIOs say it's time to move just about everything to the cloud, while others say not so fast.
By Bill Siwicki
December 12, 2018
11:19 AM

Long-term cloud costs

The long-term costs of managing cloud services must be considered. Something can be very easy to use but is not feasible from a cost control perspective.

“Theoretically you do not want to go down the road of using a cloud solution just because it is easy, because it might come with a cost uplift,” he said. “Easy does not always translate into how things are operationalized, hence how things are paid for and managed and budgeted.”

So while ease of use is indeed a consideration, it seems like the big question still comes down to what can healthcare CIOs really put in the cloud today? On the security front, what data and applications can exist in the cloud?

Since 2013, Brookdale University Hospital and Medical Center’s electronic health record has been in the cloud.

“We are very careful with our patient data, we have taken a strong stance on the security aspect of that, constantly making sure that it is as good if not better than self-hosted,” said Tarlow of Brookdale. “Our ERP system is in the cloud, many of our ancillary systems have been in the cloud for five-plus years. Our interface engine.”

Technologies the provider organization has not yet moved to the cloud are ones that are heavily dependent on bandwidth, and that staff are not yet fully comfortable with the speed of moving these last systems to the cloud. Staff are strategizing on how to move them to the cloud.

Nearly everything to the cloud

Wellman of Comanche County Memorial Hospital said they are on track to move just about everything to a cloud/remote-hosted setting with very little left onsite.

“This currently includes our ambulatory applications, financials, time and attendance, and as we move to a new acute care application, we are requiring it to be offsite,” he explained. “We are in the process of selecting a new acute care EHR and we expect it to be offsite as well. In the past we felt the interfacing and processing power should all be local, but as we have experimented over the years we felt this is no longer an issue with speed, assuming you have robust ISPs with multiple pathways to reduce the chance of excessive downtime.”

These three healthcare executives are generous when it comes to what they feel a healthcare organization can put in the cloud. Is there anything they feel should not be in the cloud?

"We are very careful with our patient data, we have taken a strong stance on the security aspect of that, constantly making sure that it is as good if not better than self-hosted."

Eli Tarlow, Brookdale University Hospital and Medical Center

“We really have not found anything that cannot go to the cloud, although some associated performance issues could cause you to not pursue it wholly,” Wellman said. “For example, we see the benefit of pushing our DICOM images to the cloud, but only in a hybrid design where we have onsite equipment that can receive from the modalities and then push the image to a cloud without causing a delay in that process.”

A good hybrid design would allow the organization to appropriately size and maintain the onsite storage to build an image cache and allow for pre-fetching larger images to avoid excessive wait times when a provider wants older images for comparison such as mammography, he explained.

“I would also like to point out that this model is preferable to our facility because we are in tornado alley on the Oklahoma plains, so this is a big part of our disaster recovery and business continuity plans,” he added. “It is easier and much more affordable for us to establish emergency network connectivity than it is to build or contract for a fully functional secondary data center. That played a big role in our decision to move toward the cloud.”

Still some concern among CIOs

Right now, healthcare organizations remain slow to adopt cloud methodology for the use of protected health information, contended Earle of Kaleida Health.

“Among the reasons why is that there has to be a constant that the data does not leave the United States or countries that value intellectual property and patient confidentiality or sensitive data,” he said. “Until the businesses can guarantee that your data does not move outside of the areas and controls or some kind of geo-fence of that data, it becomes less and less practical that healthcare providers would whole-heartedly put their sensitive data into the cloud.”

It is starting to happen, though. Cloud companies now are starting to accommodate PHI and related rules and practices, he said.

“They are starting to put those guardrails onto the data, but there still is some level of hesitation among CIOs around the country to adopt the cloud solutions until there is much more comfort around the resiliency of that data within the cloud,” Earle said. “There has to be some level of breakthrough when it comes to the vendors that are offering cloud services and their complete understanding of how health delivery organizations operate and do all of the constraints.”

What should a CIO say to concerned peers in the C-suite asking questions about security? Tarlow of Brookdale University Hospital and Medical Center points to some standard activities within the IT department.

“We do routine audits on this every single year; we run a security audit against it to make sure,” he said. “But I would reverse the challenge and say what if it’s onsite, what additional technologies, personnel, bells and whistles, would we have onsite that we do not already have in the cloud? Aside from someone breaking into our building, but we have security guards and I assume all of the cloud vendors have security guards.”

Cloud vendors have deeper pockets

The cloud vendors can afford the redundancies that individual healthcare organizations may not be able to afford independently, he added.

“I would educate the executives on the risks and hazards and on the benefits of doing it onsite versus offsite, so they can really learn,” he said. “It is a scary world out there. It’s really about becoming the most secure.”

He added that he was CIO at Bellevue Hospital during Superstorm Sandy. The majority of that organization’s systems were offsite, including the EHR, he said.

“The hospital was challenged, patients were discharged to other hospitals because we had to evacuate,” he concluded. “It helped us that our EHR was hosted remotely. These are not things in our dreams anymore, these are things that are really happening. And they are validating our strategy.”

Twitter: @SiwickiHealthIT
Email the writer: bill.siwicki@himssmedia.com

 

Focus on The Business of Healthcare

In December, we take a deep dive into what top business decision makers need to know about digital transformation.

Topics: 
Cloud Computing, Network Infrastructure, Workflow

More regional news

View of Mount Sinai Health System buildings in Manhattan

Mount Sinai Health announces new Center for AI and Human Health

By
Andrea Fox
November 25, 2024
Clinician stands, working with a tablet

Yale study shows how AI bias worsens healthcare disparities

By
Mike Miliard
November 25, 2024
A person checking their smartwatch-tracked fitness data on their smartphone.

Singapore tackling chronic diseases with wearables

By
Adam Ang
November 25, 2024
Want to get more stories like this one? Get daily news updates from Healthcare IT News.
Your subscription has been saved.
Something went wrong. Please try again.

Top Story

Clinician stands, working with a tablet
Yale study shows how AI bias worsens healthcare disparities

Most Read

Korea's largest hospital bags APAC's first Stage 6 of new INFRAM
Visible, active leadership is vital to change management, says Epic emeritus CIO advisor
Sens. Warner & Wyden seek healthcare cybersecurity mandates in new bill
CIOs must understand change management theories, frameworks and practices
5G will power the next evolutionary stage of healthcare in APAC
Three key strategies for managing healthcare's distributed workforces

Research

White Papers

More Whitepapers

Patient Engagement
Patient Engagement
Financial/Revenue Cycle Management

Webinars

More Webinars

Imaging
Interoperability
Artificial Intelligence

Video

Paul Wilder at CommonWell Health Alliance_Part 1_Digital binary code with springing lock Photo by JuSun/iStock/Getty Images Plus
Notching up FHIR at scale - Part 1
David Miles at Oklahoma Heart Hospital_Part 2_Doctor holding health icon Photo by Tippapatt/iStock/Getty Images Plus
Switching from Cerner to Epic? Meet a CIO who made it out alive
David Miles at Oklahoma Heart Hospital_Part 1_Doctor holding health icon Photo by Tippapatt/iStock/Getty Images Plus
The CIO of an all-digital hospital walks readers through its successes
Dr Alice Sutedjo Lisa at SMC Telogorejo Hospital_HIMSS24 APAC
Assisting the elderly in digital care

More Stories

David Miles at Oklahoma Heart Hospital_Part 1_Doctor holding health icon Photo by Tippapatt/iStock/Getty Images Plus
The CIO of an all-digital hospital walks readers through its successes
David Miles of Oklahoma Heart Hospital
Deep dive: A tour of all-digital Oklahoma Heart Hospital, where automation is the norm
Healthcare workers looking at X-ray images on monitors
Streamlining healthcare operations with multicloud-by-design
Nurses review a patient record on a digital tablet
All private hospitals in Singapore to connect to...
Dr Alice Sutedjo Lisa at SMC Telogorejo Hospital_HIMSS24 APAC
Assisting the elderly in digital care
Dr. Mehmet Oz
Trump picks Dr. Mehmet Oz to head CMS
Agency cybersecurity infosec illustrated by many colored streams harnessed by a lock
OIG again deems HHS' infosec program ineffective
Joanna Lucas, RN, of St. Luke's University Health Network
Case and referral management technology gets big results for St. Luke's