Healthcare Finally Warming to Cloud Technology
Ever the risk-averse industry, healthcare is finally beginning to trust cloud for the storage of protected health information. Experts credit better cloud security, dropping costs and the growing need for disparate organizations to share information. What's more, this only appears to be the tip of the healthcare cloud iceberg.
Mon, November 18, 2013
CIO — The security concerns that hinder the adoption of cloud computing in most industries are magnified in healthcare thanks to the sensitive, private nature of patient data — and the heavy fines that healthcare organizations and their business associates face if that data falls into the wrong hands.
However, recent surveys from Imprivata and Porter Research suggest an about-face. Healthcare increasingly trusts the cloud, both surveys conclude, and leaders at the organizations behind the surveys say this progress is just the beginning.
Cloud on Healthcare's Radar As Other Tech Needs Lessen
Imprivata's 2013 Desktop Virtualization Trends in Healthcare report, now in its third year, finds healthcare organizations more willing to store personal health information (PHI) in the cloud than in the past.
In 2012, only 9 percent of respondents used cloud computing. This year, 30 percent of respondents were. What's more, 40 percent of those using the cloud were storing PHI there, compared to 9 percent in 2012.
This didn't necessarily surprise Ed Gaudet, general manager of the Cortext Product Group at single sign-on and identity management system vendor Imprivata. Three years ago, the company's healthcare customers told him cloud computing adoption was three years away. At that time, the industry was busy moving away from paper-based processes and get electronic health records up and running in order to meet federal requirements for the meaningful use of EHR systems.
Now that these organizations (more or less) have meaningful use under their belts, they're beginning to invest in other areas, Gaudet says. This desire to invest has coincided with an increased willingness among cloud service providers — including Amazon, Google and Microsoft — to sign HIPAA business associate agreements. Such an agreement outlines how a business associate will protect an organization's PHI in accordance with HIPAA privacy and security rules.
"We see that as really critical. More and more companies that store PHI in the cloud are starting to do that," Gaudet says.
Cloud Finally Mature Enough for Healthcare
Meanwhile, the Porter Research study — sponsored by Covisint, the SSO and identity management subsidiary of Compuware — suggests that 58 percent of C-level hospital executives "place a high importance in cloud-based technologies." This is quite telling, says Porter Research President Cynthia Porter, since roughly 75 percent of hospital communications occur over fax. "There's still a lot of inefficiencies out there," Porter says.
Healthcare's increasing willingness to use the cloud comes with a decreasing reluctance to see how other industries are solving problems related to data storage, application hosting and the like. Yes, healthcare remains a risk-averse industry, but organizations are starting to realize that it does in fact mean something if a cloud vendor is "proven" in other industries, Porter says. "Healthcare isn't afraid any more to look at how problems are solved outside healthcare."