The term may carry with it wispy and ephemeral connotations, but cloud data storage is regulated by the same ironclad security and compliance rules as traditional server storage.


And as more and more Web-based EMRs make their homes in the clouds, helping ensure they clear those regulatory hurdles is especially important. That's why Logicworks, the New York City-based maker of cloud storage architecture, announced its "Compliance Cloud" earlier this spring.


"When you read about some of the limitations of these cloud services, one of them is really about data security," said Kenneth Ziegler, president and COO of, LogicWorks. "If you have hundreds of clients operating on single physical servers by running virtual servers, it opens up a whole mess of potential security flaws and loopholes. With healthcare, it's all about HIPAA compliance. The way we achieve that is by building out fully dedicated architecture: no shared firewalls, no shared load balancers, no shared switching, no shared Web interface, no shared database servers. That way, clients have full control over their environment and don't have to worry about other people sharing any kind of a hardware with them."


To substantially ease the deployment of and transition to HIPAA-compliant systems, Logicworks partnered with cloud-based IT compliance and security solutions provider Alert Logic to enable Logicworks customers to detect threats, eliminate vulnerabilities, and manage log data.

"Our private clouds are fully dedicated to our clients, providing the security of a dedicated environment with the flexibility of scaling out with virtual machines on demand as they add new clients or need additional capacity," said Ziegler.


In addition "we assure our clients that their system will always be available. We do so by building out fully redundant architectures. Everything from the switching layer to the firewall to the database to the Web tier – there's no single point of failure. Any component of the architecture can fail and the application itself will maintain availability."


That's appealing to vendors such as nextEMR, a Mays Landing, N.J. firm that contracts with Logicworks to power its comprehensive EMR and management solution for healthcare practices. It offers users a Web-based system, secure remote access, e-prescribing and a portal that allows patients to securely download their medical information at any time.
"We chose Logicworks' private cloud solution because it delivered the security and HIPAA compliance for patient records we required," said nextEMR founder, Alan Faustino, MD. "With Logicworks, we are able to deliver our comprehensive EMR and management solution for healthcare practices of any size with secure access to medical records for doctors and patients via the Internet."

"I played golf with one of our clients this morning, and from his iPhone he was able to prescribe a medication," said Morten Gotterup, COO of nextEMR. "In the old days that would've taken a bit more work. Logicworks gives them the comfort that they have very fast access to the data, they have completely secure data, and they also have data that's redundant in case there was a problem across the various hosting facilities. For us, using the cloud has allowed us to really drive down the cost while not compromising at all on speed or security."


"Widespread adoption of EMRs holds great promise for improving healthcare quality, efficiency and patient safety," said Logicworks chairman and chief executive officer Carter Burden. "Our private cloud addresses the concerns people have, and should have, about the security and privacy of healthcare records. A public cloud, where IT resources are shared, just presents too many risks."
Gotterup says, "There's even a greater comfort level than there was, say, 10 months ago. I think people are becoming much more comfortable with the cloud. And they also understand from a cost standpoint that this is the way to go."