Moving HIPAA Compliant Healthcare Data Into The Cloud

Moving HIPAA Compliant Healthcare Data Into The Cloud

Moving HIPAA Compliant Healthcare Data

Complete HealthCare Solutions (CHS) is a large multidimensional healthcare computing firm headquartered in Palmer, Mass., and which serves 350 physicians, 12 hospitals, various group practices and individual patients throughout the United States. By 2009, their computing infrastructure had become a constraint on growth. Their existing network included many old, near end-of-life computers and proprietary systems that had been installed years ago, and scaling this computing capacity to meet demand was a constant challenge. Due to HIPAA regulations, CHS required a dedicated, secure, non shared computing environment, which made it impossible for them to collaborate with most traditional hosting solutions providers.

(Image source: Shutterstock)

(HIPAA refers to the Health Insurance Portability and Accountability Act of 1996, which in essence establishes national standards for electronic health care transactions, protects the privacy of individuals’ health care information and encourages greater use of electronic data within the healthcare system.)

The CHS legacy systems, along with ongoing company growth meant that even maintaining the status quo was difficult, but CHS also further taxed their computing infrastructure by introducing new products and capabilities to benefit their clients. For instance, they wanted to provide physicians with the ability to access patient records securely from anywhere in the world, 24/7. This kind of capability is excellent for the end user, but it is expensive to develop and manage in-house. CHS therefore decided to explore the possibilities of Infrastructure as a Service (IaaS).

After researching a number of potential providers, CHS teamed up with Florida-based Atlantic.Net, who designed a customized hybrid solution that combined Private Cloud and virtualization. Atlantic.Net confirmed that if CHS were to stay with an in-house HIPAA-compliant solution, it would have cost about $280,000 up-front, consisting of $80,000 for licensing and VPN, and $200,000 upfront capital expense for equipment.

In addition, an in-house system would have meant considerable ongoing expenses, including: colocation space for at least 2 racks in a data center (at least $6,000 per month, including power, space and bandwidth), staff costs for a new expert administrator to run the system, and continuation of existing management and consulting costs.

The approach that Atlantic.Net took involved installing and deploying customized hardware, specifically 15 high-end Intel Processor NE helm XEON servers. After installing the necessary software packages, they set up the network and secure redundant firewall system, while preserving and incorporating the necessary proprietary systems into the new IaaS package.

As a result of this work, 150 physicians were migrated seamlessly to the new system within weeks, while reducing deployment costs, ensuring compatibility, and establishing wide area networking to connect remote offices and the corporate office to the CHS core virtualized IT infrastructure at the Atlantic.Net data center. The fifteen new servers that were deployed not only avoided incurring any upfront capital expense, but also eliminated continuing in-house maintenance costs. In addition, by moving to a Xen-open source solution, Atlantic.Net saved its client $500 per month that had previously been spent on VMWARE vsphere hypervisors.

Joseph Nompleggi, VP of Product Development of Complete Healthcare Solutions put it this way: “Combining our medical software expertise with Atlantic.Net’s SAS 70 compliant data center facility, we are positioned well to become the medical software solution of choice for health care providers for all of their EMR/EHR data needs. Healthcare providers can now focus on their core business and leverage our expertise and software solutions to comply with the HIPAA and HITECH compliance requirements. Atlantic.Net’s reputation for 100% uptime, their secure infrastructure and expertise in Healthcare IT were key components in finalizing our partnership. Our partner’s financial strength and proven track record are something we view with great confidence.”

This is a classic case study,” says Adnan Raja, Marketing Director at Atlantic.Net, “of how organizations that don’t necessarily exist within the traditional business sphere – in this case dealing with private citizens’ health-related data – can take advantage of cloud technology and specifically IaaS, to better serve their client base in a cost-effective and secure way.”

Further details regarding the services Atlantic.Net delivers as a global hosting provider can be found at www.atlantic.net.

Post Sponsored By Atlantic.net

By Steve Prentice

About Steve Prentice

Steve Prentice is a project manager, writer, speaker and expert on productivity in the workplace, specifically the juncture where people and technology intersect. He is a senior writer for CloudTweaks.

View Website
View All Articles

Sorry, comments are closed for this post.

Comics
Virtual Immersion And The Extension/Expansion Of Virtual Reality

Virtual Immersion And The Extension/Expansion Of Virtual Reality

Virtual Immersion And Virtual Reality This is a term I created (Virtual Immersion). Ah…the sweet smell of Virtual Immersion Success! Virtual Immersion© (VI) an extension/expansion of Virtual Reality to include the senses beyond visual and auditory. Years ago there was a television commercial for a bathing product called Calgon. The tagline of the commercial was Calgon…

Disaster Recovery – A Thing Of The Past!

Disaster Recovery – A Thing Of The Past!

Disaster Recovery  Ok, ok – I understand most of you are saying disaster recovery (DR) is still a critical aspect of running any type of operations. After all – we need to secure our future operations in case of disaster. Sure – that is still the case but things are changing – fast. There are…

The Key To Improving Business Lies In Eye-Interaction Tech

The Key To Improving Business Lies In Eye-Interaction Tech

Eye-Interaction Technology Analysts at Goldman Sachs predict virtual reality revenue will surpass TV within the next decade. More than just some gaming fad, VR represents a whole new way for organizations to train, research, and explore vast amounts of data. Despite its popularity, however, VR is still not in the hands of the majority, and…

Cyber Security: McAfee on IoT Threats and Autonomous Cars

Cyber Security: McAfee on IoT Threats and Autonomous Cars

IoT Threats and Autonomous Cars Autonomous cars are just around the corner, there have been controversies surrounding their safety, and a few doubts still hang in the minds of people who don’t like the idea of a computer driving their car. However, the biggest news stories surrounding this topic have been to do with how…

Why Security Practitioners Need To Apply The 80-20 Rules To Data Security

Why Security Practitioners Need To Apply The 80-20 Rules To Data Security

The 80-20 Rule For Security Practitioners  Everyday we learn about yet another egregious data security breach, exposure of customer data or misuse of data. It begs the question why in this 21st century, as a security industry we cannot seem to secure our most valuable data assets when technology has surpassed our expectations in other regards.…

Cloud Security Risks: The Top 8 According To ENISA

Cloud Security Risks: The Top 8 According To ENISA

Cloud Security Risks Does cloud security risks ever bother you? It would be weird if it didn’t. Cloud computing has a lot of benefits, but also a lot of risks if done in the wrong way. So what are the most important risks? The European Network Information Security Agency did extensive research on that, and…

The Fully Aware, Hybrid-Cloud Approach

The Fully Aware, Hybrid-Cloud Approach

Hybrid-Cloud Approach For over 20 years, organizations have been attempting to secure their networks and protect their data. However, have any of their efforts really improved security? Today we hear journalists and industry experts talk about the erosion of the perimeter. Some say it’s squishy, others say it’s spongy, and yet another claims it crunchy.…

Achieving Network Security In The IoT

Achieving Network Security In The IoT

Security In The IoT The network security market is experiencing a pressing and transformative change, especially around access control and orchestration. Although it has been mature for decades, the network security market had to transform rapidly with the advent of the BYOD trend and emergence of the cloud, which swept enterprises a few years ago.…