Cloud Security, HIPAA Compliance Deter Hospitals from Cloud

I have seen this in action with interactions with my region’s dominant medical network provider. On the date this blog post was made, I had an appointment with the Sleep Medicine service and found out that they could not remotely view my CPAP data due to older equipment not having cloud access built in despite an internal modem and SD Card recording mainly compliance data. Since the machine is doing what it’s supposed to do, there is no rush to upgrade.

Healthcare organizations are conservative in technology by nature, due to government regulations and best financial practices, among other reasons. The three biggest Cloud Service Providers, Amazon Web Services, Microsoft’s Azure, and Google Cloud are all HIPAA compliant, so that is not the reason for the reluctance. There are a significant number of organizations, 40% (Donovan, 2018), that have yet to act on a successful migration to the cloud, whether it is a full or hybrid version; I get that. The trend, despite political opposition, is to pursue a managed care and/or a single-payer system, such as Medicare, Medicaid, and Veterans Health. Their hands will be forced as the revenue per patient constricts while compliance expenses increase.

While Electronic Health Records placement in a cloud has a relatively low starting point, the integration into existing networks can be costly. However, 58 percent of our healthcare survey respondents stated that cloud is inexpensive to buy, but expensive and/or difficult to implement and integrate with other resources – highlighting an often-overlooked aspect of cloud costs that can be difficult to quantify (Anonymous, 2015). Connectivity to the cloud has a cost to it, and in rural areas, may not be available at the speed and reliability necessary for real-time access to information that is necessary to operate efficiently. The previous statement is a rationale for a hybrid cloud, which means local IT support replicated to the cloud increasing the cost, which gets passed on to the healthcare consumer.

The takeaway from this is “hang on, it is a bumpy ride”; well worth the effort to get to personal patient control of information and costs.

Cloud security, HIPAA compliance, and privacy are the three primary concerns for hospital CIOs who have considered using cloud-based applications.

Source: Cloud Security, HIPAA Compliance Deter Hospitals from Cloud


Anonymous. (2015). Our expert trio takes on the cloud. Health Management Technology; Atlanta, 36(2), 18,20-22.

Donovan, F. (2018, May 29). Cloud Security, HIPAA Compliance Deter Hospitals from Cloud. Retrieved June 1, 2018, from https://healthitsecurity.com/news/cloud-security-hipaa-compliance-deter-hospitals-from-cloud

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s