The value of a hybrid cloud strategy for hospitals

Security of data, even when moving information into the cloud, is increasing in importance as data breaches grow.

Munson Medical Center, a 391-bed facility in Traverse City, Michigan, sees the value in some cloud storage, but discussion on moving data there has raised issues, Dale Atkins, technical architect at Munson, tells HealthITSecurity.com.

"[W]e do have some reservations about moving any part of our infrastructure to the cloud," he says. "There are issues in healthcare with the requirements to join health information exchanges [HIEs] as part of the Affordable Care Act [ACA], so we have to resolve those."

One of the technology tasks the medical center is considering moving to the cloud is mobile device management, according to Atkins. He says the facility has a robust BYOD policy, so they are looking to move the management of those devices to the cloud--and with a focus on security to "lock down the devices in some form."

Atkins says the center will allow some information into the cloud, but will also continue to keep certain data in its own data center. Which data will go to the cloud and what will stay with the organization is still an open question, he adds.

Hospital IT executives increasingly are turning to the cloud to meet growing technology needs, according to a survey published in June by HIMSS Analytics. Close to 83 percent of respondents to the survey said they use cloud technology.

As cloud use grows, CIOs and other health IT leaders should develop a holistic cloud strategy, according to an article at Gigaom Research.

The process for that strategy includes:

  1. Assess: Provide a business-focused holistic assessment of the IT department, applications and services
  2. Roadmap: Use the assessment as a roadmap that can outline priority and valuations to drive the alignment of IT
  3. Execute: Learn through action, according to the article's author.  Start small and ramp up quickly
  4. Re-assess and adjust: As the organization starts to execute ideas, make any necessary adjustments. Continual improvement is important for being on top of changing demands

However, even with a good plan in place, concerns remain when it comes to security (especially considering the recent cloud hack that exposed private celebrity photos).

"I think the biggest problem is that, while the data can be secured and encrypted, things get lost inadvertently or maliciously," Munson's Atkins says. "The internal misuse or loss of data is a big concern." 

To learn more:
- read the Health IT Security article
- check out the Gigaom Research article

Suggested Articles

Two senators introduced legislation to establish a third-party oversight committee to help monitor the implementation of the new EHR system. 

ONC is moving another step closer to implementing a framework designed to improve data sharing between health information networks.

Welcome news to many health IT stakeholders: HHS announced Friday that it is extending the comment period for two proposed interoperability rules.