Skip to content Skip to navigation

Weighing Pros and Cons of the Cloud

April 17, 2012
by John DeGaspari
| Reprints
HCIT expert provides his perspective
Click To View Gallery

As hospitals face challenges of moving to the electronic medical record, often while operating under tight budgetary constraints and with small IT staffs, moving data to a cloud platform is becoming an attractive option to some. Making the right decision depends on carefully weighing risks and benefits, according to weighing risk Michael Gaasche, manager with the business development department of Smart Devine & Company, LLC, a Philadelphia-based consultancy and, prior to that, IT director with the Department of Health and Opportunity for the city of Philadelphia.

As IT director with Philadelphia’s health department, Gaasche served as one of the executive members of the steering committee when the department was involved in a large-scale electronic health record (EHR) implementation. He has experience with the healthcare as well as the technical side of things, and is knowledgeable of the cloud architecture, what it takes to get there and potential pitfalls for hospitals.

In his experience, one of the biggest measures weighing on a decision is the potential outcomes of the modifications. “If you moved from one system to another, did it provide better outcomes for the patient; did it provide more efficiency in the system; did it make the job of the doctors more efficient and better?” He is an advocate of quantitative goals in making the decision. He recently outlined three factors—costs; data security; and legal aspects—that should be considered before making a move to the cloud.

Gaasche notes that it is extremely expensive for a hospital to develop and maintain a fully compliant managed environment required for large-scale electronic health record (EHR) implementations. Potential savings on infrastructure by going to a private, public or hybrid cloud are significant, he says.

He says the cloud offers a compelling business case for cost savings. “There is a lot of attention being paid to reduction of staff, if that’s a good model for your business to save money. And an answer like this can potentially save a lot of staff and a lot of money, because most of that work ends up going to the cloud provider or the third party,” he says.

The other advantage of the cloud is that it levels the playing field for small provider organizations, he says. “You don’t have to be a big player to join in on a cloud implementation; you can be a small player and pay, like everyone else, on a fee-per-use basis. That opens up the entire industry for pretty much anyone,” he says.

Data security is central to any decision to move to the cloud, particularly when it involves protected health information, Gaasche says. In his view, one advantage of the cloud as a platform is that it is a large platform that is used by many organizations. “This opens up a large pool of potential funds that can be applied to make enhancements to data security,” he says. Because data security and privacy are deciding factors for many organizations considering the cloud, “there is a ton of money being spent on these topics,” he says.

For organizations that make the choice to move data on the cloud, a strong level of governance, with good transparency of the application and the actual data, is essential, Gaasche says. He cautions that it can be difficult for an organization to maintain the oversight of their data on the cloud. “Cloud providers can move your data, and your data might be somewhere you didn’t realize,” he says. That can be a problem, because privacy laws and regulations vary from state to state.

Before making the decision to move data with the cloud, Gaasche says it’s essential to have an agreement in place that provides assurances for transparency, integrity and confidentiality of data. “You have to know the cloud vendor well, and the relationship that is formed between the organization and the cloud vendor has to be open and transparent,” he says.

He notes that recent modifications to the Health Insurance Portability and Accountability Act (HIPAA) have raised the bar on privacy, with higher fines that can be leveraged against the organization when there is a breach.

In his view, one of the benefits of cloud architecture is that cloud vendors should comply with the laws that exist in the locations they serve. He sees continued movement of healthcare providers to the cloud. “Having data available any time and any place is going to move healthcare the way it needs to be moved,” he says.

More on cloud computing will appear in the May issue of Healthcare Informatics.