I recently saw a download that addresses “Three Ways The Cloud Can Help Manage Healthcare’s Digital Data Tsunami” (For the moment, I thought perhaps the cloud was finally getting the attention it deserves for healthcare data storage. Then I saw the following in an email on Google’s initiative to remove medical records data from its searches.
The first article relates to Philips Healthcare’s experience with Amazon Web Services (AWS), while the second relates to Google’s web services. On the one hand, the first publication implies that cloud storage is cost effective, secure, and scalable. The second publication addresses concerns with respect to patient information and the risk of identity theft.
In light of the recent WannaCry Ransomware attack (https://en.wikipedia.org/wiki/WannaCry_ransomware_attack), security concerns are elevated with respect to sensitive patient information. Controlling information behind a healthcare provider’s firewall is one thing, but managing it in the cloud might be quite another. Perhaps there is some difference between a private versus public cloud, but given the rash of healthcare provider attacks involving the WannaCry Ransomware, there is probably genuine concern with respect to remote data storage.
Such concern has probably caused cloud service providers to double down on security provisions, and they are probably safer now than in the past. Still, it speaks to having an effective strategy in mind when planning to use cloud services. It probably doesn’t hurt to have a contingency plan, as well as a response plan should there be an attack involving patient data.
There are many good reasons to consider the cloud for data storage, as demonstrated by the first article, especially the data tsunami resulting from the expansion of electronic medical records. One challenge facing healthcare providers is what information to send to the cloud. Are patient document records or images better handled in the cloud? Given that images represent substantially more data, they might be considered a better option, as they would place greater strains on internal infrastructure. One key factor to consider are the SLA (service line agreement) requirements required. Factors such as the bandwidth of the connection, recall demand, volume of transactions, reliability, security risk, etc. must be considered in matching requirements with available performance.
Regardless of what data is sent to the cloud, there needs to be a clear understanding of who owns the data, and a minimum cost to retrieve that data should storage plans change. I am reminded of one facility I have worked with that felt as if they were being held at ransom by the vendor when it came time to retrieve the data into another solution.
With ever-increasing demands on data such as analytics, making smart use of all available storage options will continue to be a key challenge for healthcare IT professionals.