Healthcare and Cloud Security
A significant portion of our lives are “moving to the cloud.” Many of us no longer have shelves of movies and musical albums. Spotify and Netflix have nearly eliminated that concept. Checkbooks, photo albums, notes-to-self, and school materials have all floated away into the digital world, allowing us to access them on any device. It truly is remarkable. The result is a less cluttered home and more organized, focused mind (I’m being extremely optimistic). So, what about healthcare?
Healthcare is making its way to the cloud in several different ways – electronic health records, medical billing, mobile and wearable apps, and medical education – to name a few. As money pours into this space, tech companies have been quick to bring new products and business models to life. For example, Practice Fusion has developed a cloud-based EHR for medical practices and is literally giving it away for free. Soon, wearable technology, like Google Glass, will allow physicians to upload data to the cloud on-the-go. Not to mention, the industry has been heavily focusing on achieving interoperability. What better way for specialists and primary doctors to communicate than on a unified server that is accessible from anywhere?
And while the idea of being cloud-based is newly popular, it’s certainly not new. NueMD, for Instance, has taken pride in providing cloud-based medical billing software before it was mainstream. Since then, many other medical software companies have also made the leap to the cloud. Instead of requiring the purchase of on-site servers, software that lives in the cloud provides physicians and other practitioners access from any in-accessible device.
It seems so logical that everyone in the medical field would want such an option. Cloud-based software offers lower overhead, convenience, and accessibility. The question arises, then, why isn’t everyone using it? Let’s take a look at a few of the top considerations healthcare professionals have when planning a move to the cloud.
For nearly decades, physicians and other medical personnel have complied with the Health Insurance Portability and Accountability Act (HIPAA). In the “physical world”, documents are filed in locked offices (usually). Charts are kept covered while being carried in an occupied hallway. Elevator conversations about patient information are highly discouraged. Speaking digitally, if a physician has already made the upgrade to electronic records and has a server on-site, the information is protected by unique passwords. That said, the safety of the medical records is limited by the security of the physical room where the data is stored.
While it’s not easy for some healthcare professionals to stomach the idea of “somebody else” housing their sensitive information, the cloud can offer a level of security they’d never be able to achieve on their own. Any credible cloud-based software vendor will store data in a data center equipped with government-level security. At the end of the day, it often saves a significant amount of money (and stress) to let the pros handle it, even if they are “somebody else.”
More apparent, look at other industries, like for example, online banking. The same threats to personal data exist, yet people are already very comfortable using the cloud to handle their financial information. Even if data breaches do occur, retail stores, credit card companies, and banks are all vigilant at alerting victims and recovering from the disaster. If they can do it, healthcare organizations can as well. The bottom line is that online security is not an excuse to turn away from the cloud as much as it is motivation to put a heavier focus on protecting cloud-based information.
“Page not found.” “Unable to connect.” How many times have you read those words when in the middle of accessing an important website or web application and wanted to hurt your computer screen?Fortunately there is a very simple solution for this. Get a second internet connection. Yes, it will increase overhead just a little, but it will be well worth the peace of mind. Any healthcare organization that uses the internet as a primary utility in its office should absolutely have more than one way to gain access. Adding to that, many vendors have actually developed “off-line” modes that allow users to continue working through outages and automatically re-sync with the cloud when the connection is restored.
Outages and Uptime
Servers go down. And when they do, providers and medical personnel are in for some serious headaches. It’s not easy to go back to “the old-fashioned way” after you’ve adapted your entire workflow to the digital age. Paper records, orders, and prescriptions are resurfaced like a bad dream.
There is, however, a major difference between locally-housed and cloud-based servers experiencing downtime. The cloud infrastructure is designed so that if a server crashes, loses power, etc., another one will take its place instantly – essentially abstracting any service disruption away from the end-user. If the computer in your server room goes stops responding, it’s not going to come back to life until you(pay to) get it fixed.
Here’s a brief anecdote to illustrate the power of the cloud: Dr. Neil Notaroberto of EyeCare 20/20 runs three offices in Louisiana. In 2005, Hurricane Katrina forced him to evacuate two of his offices. Because he used a cloud-based practice management system, he had no need to worry about protecting his patients’ data. Furthermore, he was the only ophthalmologist serving the New Orleans metro area for weeks after the storm since he was able to get back up and running so quickly. In fact, the positive impression made on the community led to increased business long after Katrina.
While events as disastrous as Katrina aren’t very common, cloud-based solutions offer the same type of protection against fires, leaks, and theft.
Connectivity to the Local Hospital
This might be the trickiest reason that providers have not moved to a cloud-based EHR or billing solution. Many providers who use an electronic system are using an onsite server because they want to be connected to the same system that their local hospital system is using. This seems to be especially present in Kentucky, where only 17% of physicians using EHR are using a cloud-based EHR. The reasoning behind this situation is that providers find it more convenient to have a system that communicates easily with their referring entity, the hospital.
Let’s do this.
Overall, the reasons to keep from moving to a cloud-based option seem to parallel the reasons why people were hesitant to adopt any technology in the past. That said, why not just push forward? There will be bugs and issues that we don’t see coming, but as we’ve experienced, developers and innovators always seem to find a way to correct these unforeseen problems. With such emphasis on mobile healthcare and sharing patient data, the transition is imminent.
By William Rusnak
William Rusnak is a fourth year medical student, financial investor, writer for NueMD, and entrepreneur. He writes about topics such as healthcare technology, biotechnology, and nutrition. He is currently applying to residencies with plans to practice in Primary Care and Sports Medicine.