Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Cloud services go mainstream in healthcare

Clint Boulton | Oct. 6, 2015
CIOs who previously eschewed the cloud because vendors wouldn't protect federally regulated patient information are growing increasingly comfortable with the technology.

healthcare cloud

If you asked a CIO managing IT for a healthcare organization in 2012 how much of his software ran in the cloud, the percentages would have been low. That’s no longer the case as 2016 nears. Emboldened by agreements to adhere to federal guidelines for protecting personal healthcare information (PHI), hospitals are a turning to cloud computing to make their organizations more nimble. Healthcare CIOs, mirroring their counterparts in corporations, are taking the cloud mainstream.

The difference between 2012 and 2015 is largely one of vendors' willingness to sign business associate agreements (BAA) regarding personal healthcare information, or PHI. Under the federal HITECH Act, cloud vendors' handling and use of PHI must comply with privacy and security mandates ordered by the Health Insurance Portability and Accountability Act (HIPPA).

CIOs say cloud vendors initially refused to sign BAAs, which require them to be subjected to audits by the Office for Civil Rights and explain in detail how they will report and respond to a data breach. But in late 2012, Microsoft formally agreed to sign BAAs. Amazon Web Services and Google followed suit in 2013. Suddenly, going to the cloud was possible, even preferable, for hospitals seeking to become more agile by ditching their on-premises infrastructure and tedious application management.

John Halamka, CIO of Boston's Beth Israel Deaconess Medical Center.
John Halamka, CIO of Boston's Beth Israel Deaconess Medical Center. 

"Amazon wouldn't sign a BAA in 2012," says John Halamka, CIO of Boston's Beth Israel Deaconess Medical Center (BIDMC), speaking of his own experience. "Today, getting BAAs are no longer a problem ... healthcare is now very comfortable using Amazon." Halamka's begun replacing physical servers with cloud services from AWS, which has agreed to provide BIDMC-adequate levels of physical and logical security and documented processes that comply with HIPAA's regulations. With healthcare accounting for roughly 17 percent of the U.S. GDP, it makes sense for AWS and its rivals to court healthcare, he says.

It also make sense that hospitals, under pressure to deliver better patient outcomes at lower costs, adopt modern technologies that help them meet their goals. Healthcare organizations “are looking at the business and outcomes of healthcare and looking to technology as a way to be more agile,” says Steve Halliwell, director of healthcare and life sciences at AWS. “They’re trying to enable transformation for their business to happen more quickly and the cloud is providing them the opportunity to do so.”  

Goodbye Data Center?

CIOs are increasingly procuring cloud infrastructure, storage and application services in lieu of managing data centers and implementing and upgrading software. Although BIDMC uses 30 AWS virtual machines today to operate its software development and test environment, Halamka estimates he could eventually shutter his entire data center, replacing 200 servers with AWS virtual machines. He says BIDMC staff are also using cloud applications for learning management and electronic healthcare records, and is testing Slack, HipChat and other tools for one-to-one and group communications. It's incumbent on CIOs to find tools that enhance employees' productivity.

 

1  2  3  Next Page 

Sign up for CIO Asia eNewsletters.