Skip to content Skip to navigation

Study: 77 Percent of Healthcare Organizations Will Use Public Cloud This Year, But Security Concerns Persist

June 21, 2016
by Heather Landi
| Reprints
Click To View Gallery

More than half of surveyed healthcare executives have reported moving “Tier 1” applications to the cloud or software-defined data centers and 77 percent said they plan to move additional systems to the public cloud this year, according to a report from HyTrust.

HyTrust studied the major issues and obstacles to cloud adoption, perceived security gaps and how things are expected to change in the future by surveying 500 business and IT executives, including C-level executives down through IT administration/systems administration level executives, in various industries, including healthcare, in the United and States and United Kingdom.

“What we find in this research is that the challenges are being overcome, and every kind of function in every kind of industry is being migrated. There are some holdouts, to be sure, but they’re now the exception, and we’re betting they won’t stay that way for long,” Eric Chiu, president of HyTrust, said in a statement.

The study, titled “Industry Experience: the 2016 State of the Cloud and Software Defined Data Center (SDDC) in Real-World Environments,” findings indicate that organizations are moving more workloads, from mission-critical tasks to routine functions, to more public clouds.

Fifty-five percent of healthcare organizations have moved “Tier 1” applications, or mission critical applications, including sensitive information or data, to the cloud or software-defined data center. In addition, 61 percent reported using the public cloud for data storage and 52 percent are using it for test/development server workloads.

Healthcare organization executives identified Amazon Web Services (AWS) as the public cloud platform they plan to use this year (with 29 percent choosing AWS), followed Google Cloud, Microsoft Azure and IMB Softlayer, which 17 percent of healthcare organization executive respondents chose.

According to the study, 39 percent of respondents predict faster cloud and SDDC deployment in 2016, and 52 percent anticipate increased adoption, but a large 61 percent predict more use of public cloud this year.

For those using the public cloud or planning to use it, 29 percent said they expect to see greater tangible benefits and a quantifiable return on investment, such as enhanced efficiency, agility, flexibility and provisioning.

However, concerns about security, performance issues and operational challenges continue to be obstacles to adoption, the study found. Of those survey participants working in healthcare, 29 percent say they’ve been the victim of a personal data breach.

Data breach or security risk is ranked the concern most likely to slow migration to SDDC (with 65 percent ranking it as likely or most likely), while lack of automation and orchestration was rated second (at 55 percent).

And, regarding security risks, 42 percent of healthcare organization executives predict more breaches this year, while only 10 percent foresee less. However, 26 percent of respondents predict fewer breaches, but only after there's a strategic focus on security to address those requirements.

When questioned about the biggest security gaps holding back cloud and SDDC deployment, about one-third identify the perception of inadequate security along with the fear of lower security levels than are available in a physical data center. In addition, a little more than two-thirds (68 percent) cited lack of solutions from current vendors, the immaturity of vendors or new vendor offerings, or issues with cross-platform interoperability is the biggest gap holding back deployment.

And, healthcare organization executives appeared to be evenly split on the issue of whether security will be less of an obstacle to greater SDDC adoption by the end of the year, with 48 percent of respondents each saying yes and no, and remaining respondents answering they don’t know.

The study also found that organizations are implementing differing strategies to ensure optimal asset protection. Survey participants were asked: “What are the data security requirements for your virtualized private cloud workloads?” According to the study, 32 percent of healthcare organization executives reported encrypting all production data in a workload.

And, survey participants were asked, “What are the data security requirements for your public cloud workloads?” Among the healthcare organization respondents, 16 percent reported encrypting the entire workload and 32 percent cited encrypting all production data while 13 percent said they encrypt personally identifiable information (PII) data only.






CMS Hospital Compare Website Updated with VA Data

The Centers for Medicare & Medicaid Services (CMS) has announced the inclusion of Veterans Administration (VA) hospital performance data as part of the federal agency’s Hospital Compare website.

CMS Awards Funding to Special Innovation Projects

The Centers for Medicare & Medicaid Services (CMS) has awarded 20, two-year Special Innovation Projects (SIPs) aimed at local efforts to deliver better care at lower cost.

Center of Excellence in Genomic Science to be Established in Chicago

The National Human Genome Research Institute has awarded $10.6 million over five years for the establishment of a new research center in Chicago to advance genomic science.

EHNAC and HITRUST Combine HIPAA Security Criteria, CSF Framework

The Electronic Healthcare Network Accreditation Commission (EHNAC) and the Health Information Trust Alliance (HITRUST) announced plans to streamline their accreditation and certification programs.

Halamka on MACRA Final Rule: “CMS is Listening and I Thank Them”

Health IT notable expert John Halamka, M.D., CIO of Beth Israel Deaconess Medical Center in Boston, recently weighed in on the Medicare Access and CHIP Reauthorization Act (MACRA) final rule.

Texas Patient Care Clinic Hit with Ransomware Attack

Grand Prairie, Texas-based Rainbow Children's Clinic was the victim of a ransomware attack on its IT systems in August, affecting more than 33,000 patients, according to multiple news media reports this week.