The healthcare industry is in a period of significant evolution. Everywhere you turn, you hear talk of mergers, acquisitions, practice transformation, value-based care models, and workflow optimizations. Healthcare organizations are looking to information technology investments to adapt (and, with luck, thrive) during and beyond this period of dynamic change. And a new IDC Health Insights report, “Business Strategy: Trends and Opportunities in the U.S. Healthcare Provider Market — A Discussion of the 2015–2016 Healthcare Provider Technology Spend Survey Results,” suggests one such adaptation involves finally warming to cloud-based technologies.
“The cloud is not a new technology. But its adoption in healthcare has lagged because of the unique concerns of healthcare organizations around security, availability of data, and latency of data. You need to have secure data available rapidly at the point of care,” says Nancy Fabozzi, a principal analyst in Frost & Sullivan’s Transformation Health group. “That’s what you need for any information system when you are in an environment when you are caring for patients.”
Cloud computing, loosely defined as the process of sharing resources across a network of computers to store and process information so that data can be accessed from anywhere, has been successfully leveraged in other industries, allowing more flexibility and reducing costs, for nearly a decade. And according to the IDC report, healthcare organizations are becoming more open to the idea. Thirty percent of respondents stated they were comfortable with the cloud in 2014—with an additional 41.5 percent saying they their comfort levels with cloud-based technologies had increased from 2014 to 2015. Furthermore, provider organization respondents reported an estimated average of 24 percent of IT spend would go into projects that use managed third-party hosting and 18 percent to software-as-a-service (SaaS) offerings.
So why the change? Fabozzi says that, as the healthcare sector continues to weather dramatic changes, provider organizations need more flexibility in their technology infrastructure in order to keep up.
“The dynamics of the healthcare environment today are chaotic. So many rules are changing, in terms of meaningful use, the move to value-based reimbursement, population health, and what Centers for Medicare and Medicaid Services (CMS) wants you to do,” she says. “So you need systems that are equally as dynamic. They need to be flexible and easy to customize very rapidly. And you can’t find that in the traditional installed-on-premise system that has dominated the industry up until now. They just don’t work that way.”
Different Levels of Cloud Comfort
Many healthcare organizations are reporting plans to invest in the cloud—but are they doing so for applications that handle protected health information (PHI)? It’s unclear. Robert Eardley, senior vice president and CIO at Houston Methodist, a health system in Houston, Texas, with seven hospitals and one research institute that employs more than 4,000 physicians, says that while he agrees comfort with the cloud is growing, it may be more with applications that don’t store or process sensitive patient information.
“We have a number of remote-hosted and cloud solutions in our IT environment. And the cloud makes a lot of sense when you are talking about email tools, video distribution services, and learning management systems,” he says. “The cloud makes a lot of sense when you are talking about a solution that largely stands by itself and can be sold and serviced as a solution. It makes less sense when it’s highly interfaced and has a lot of PHI, because there are a lot of potential security concerns. That’s why we still tend to store PHI on premise at this point.”
He also says that the definition of “cloud” remains a bit malleable in the healthcare IT space. “There are different definitions of the cloud that are used in healthcare. For me, the best definition of a cloud service is one where it offers device synchronization. Think Kindle, think iTunes—the kind of application that allows device synchronization via the cloud,” he says. “But people also use the term cloud to describe a remote-hosted software application. And then there’s SaaS, which is kind of in between those two, which goes beyond remote hosting of an application on somebody else’s servers and adds ancillary solutions as a service. I think a lot of healthcare organizations are using the cloud for different parts of their IT programs. But a lot of these offerings need to mature before we think about using them with PHI, so we can make sure the security we need is there.”
More Skin in the Game
But Peretz Stern, CIO of AristaCare Health Services, a provider of long term, sub-acute, and post-acute care services headquartered in Cranford, N.J., believes that the offerings have matured to where they need to be—and can more than effectively secure PHI.
“We had a wake-up call after Hurricane Katrina. One of our facilities was on a generator for almost 14 days. If any data would be stored there, it would basically just create a vacuum that would put actual lives in danger,” he says. “That’s when we really started considering cloud-based technologies. Because the cloud makes it easier for us to create redundant pathways to the Internet where we can get the data we need. We sleep better at night knowing that we now have an infrastructure and protocols in place where we can get the data we need and patient care won’t be compromised.”