Moving HIPAA Compliant Healthcare Data
Complete HealthCare Solutions (CHS) is a large multidimensional healthcare computing firm headquartered in Palmer, Mass., and which serves 350 physicians, 12 hospitals, various group practices and individual patients throughout the United States. By 2009, their computing infrastructure had become a constraint on growth. Their existing network included many old, near end-of-life computers and proprietary systems that had been installed years ago, and scaling this computing capacity to meet demand was a constant challenge. Due to HIPAA regulations, CHS required a dedicated, secure, non shared computing environment, which made it impossible for them to collaborate with most traditional hosting solutions providers.
(Image source: Shutterstock)
(HIPAA refers to the Health Insurance Portability and Accountability Act of 1996, which in essence establishes national standards for electronic health care transactions, protects the privacy of individuals’ health care information and encourages greater use of electronic data within the healthcare system.)
The CHS legacy systems, along with ongoing company growth meant that even maintaining the status quo was difficult, but CHS also further taxed their computing infrastructure by introducing new products and capabilities to benefit their clients. For instance, they wanted to provide physicians with the ability to access patient records securely from anywhere in the world, 24/7. This kind of capability is excellent for the end user, but it is expensive to develop and manage in-house. CHS therefore decided to explore the possibilities of Infrastructure as a Service (IaaS).
After researching a number of potential providers, CHS teamed up with Florida-based Atlantic.Net, who designed a customized hybrid solution that combined Private Cloud and virtualization. Atlantic.Net confirmed that if CHS were to stay with an in-house HIPAA-compliant solution, it would have cost about $280,000 up-front, consisting of $80,000 for licensing and VPN, and $200,000 upfront capital expense for equipment.
In addition, an in-house system would have meant considerable ongoing expenses, including: colocation space for at least 2 racks in a data center (at least $6,000 per month, including power, space and bandwidth), staff costs for a new expert administrator to run the system, and continuation of existing management and consulting costs.
The approach that Atlantic.Net took involved installing and deploying customized hardware, specifically 15 high-end Intel Processor NE helm XEON servers. After installing the necessary software packages, they set up the network and secure redundant firewall system, while preserving and incorporating the necessary proprietary systems into the new IaaS package.
As a result of this work, 150 physicians were migrated seamlessly to the new system within weeks, while reducing deployment costs, ensuring compatibility, and establishing wide area networking to connect remote offices and the corporate office to the CHS core virtualized IT infrastructure at the Atlantic.Net data center. The fifteen new servers that were deployed not only avoided incurring any upfront capital expense, but also eliminated continuing in-house maintenance costs. In addition, by moving to a Xen-open source solution, Atlantic.Net saved its client $500 per month that had previously been spent on VMWARE vsphere hypervisors.
Joseph Nompleggi, VP of Product Development of Complete Healthcare Solutions put it this way: “Combining our medical software expertise with Atlantic.Net’s SAS 70 compliant data center facility, we are positioned well to become the medical software solution of choice for health care providers for all of their EMR/EHR data needs. Healthcare providers can now focus on their core business and leverage our expertise and software solutions to comply with the HIPAA and HITECH compliance requirements. Atlantic.Net’s reputation for 100% uptime, their secure infrastructure and expertise in Healthcare IT were key components in finalizing our partnership. Our partner’s financial strength and proven track record are something we view with great confidence.”
“This is a classic case study,” says Adnan Raja, Marketing Director at Atlantic.Net, “of how organizations that don’t necessarily exist within the traditional business sphere – in this case dealing with private citizens’ health-related data – can take advantage of cloud technology and specifically IaaS, to better serve their client base in a cost-effective and secure way.”
Further details regarding the services Atlantic.Net delivers as a global hosting provider can be found at www.atlantic.net.
Post Sponsored By Atlantic.net
By Steve Prentice
- The DDoS That Came Through IoT: A New Era For Cyber Crime - October 13, 2016
- Ransomware’s Great Lessons - September 28, 2016
- IoT: Connected Manufacturing Leads To Service as a Product - March 9, 2016
- The Lurking Threat Called Passivity - February 22, 2016
- Security: The Goodwill Virus That Keeps On Giving - February 11, 2016