How far we’ve come. In 2003, fewer than five percent of hospitals in the U.S. had any form of electronic records and probably less than one percent of doctors’ offices. By 2012, penetration was 85 percent of hospitals.
Now what to do with the torrents of digitized patient data? With the challenges of storing and handling data in compliance with HIPAA/HITECH requirements and the real-time dynamics of making data available 24/7 to authorized users on multiple devices, hospital CIOs and CSIOs are painfully aware of growing data storage management burdens.
The burden will only get worse. More data from more sources, required by more people and organizations linked to the healthcare ecosystem, is keeping the pressure on. Maintaining more data for big data analytics to improve patient outcomes, evaluate efficacy of alternative treatments, identify fraud, forecast potential treatment complications or a million other things will also swell data storage requirement in healthcare. And, never mind about the Internet of Things (IoT) – from hospital beds to bed pans equipped with miniscule identifying devices wirelessly feeding data to the Internet.
The sheer amount of data that the modern organization collects will soon render in-house servers and other traditional IT infrastructures impractical, beginning with the fact that building out and maintaining data storage internally is expensive, and physical space at many hospitals is at a premium. Yet many hospitals remain reticent when it comes to the cloud as a significant part of their storage strategy as a recent HIMSS Analytics survey shows. The most popular methods of data storage among hospitals and health systems include:
- Storage area network system (67 percent)
- External storage media, such as tapes or discs (62 percent)
- Network attached storage system (45 percent)
- Vendor solution/storage is outsourced (26 percent)
- Cloud computing (24 percent)
- Direct attached storage system (22 percent)
All respondents from large hospitals (500 or more beds) reported using a SAN system. External storage was the most popular choice among hospitals with less than 500 beds.
While all this has been happening in the healthcare industry, cloud data storage has been on the move as well. Commenting on the state of the industry in recent report, Forrester Research Inc. stated that cloud storage has emerged as a key competitive differentiator among storage providers, saying “Premium cloud storage services with scalable, guaranteed transaction performance represent the latest wave of innovation, and service providers are adding this capability at a rapid rate.”
Of course, weighing heavily on the minds of hospital CIOs and CSIOs is HIPAA/HITECH compliance.
A select number of cloud providers, including Peak 10, have made HIPAA-compliant infrastructure and cloud services a core competence. It’s a business they specialize in. And with the HIPAA Omnibus Rule (a.k.a. the final rule), it will be easier sort out the pretenders from the real players.
Cloud service providers (CSPs) now must meet many of the same HIPAA requirements as their hospital customers. They are required to sign “business associate agreements” (BAAs), which spell out how they will report and respond to a data breach, including those caused by their subcontractors. That is, they have more skin in the game. Both the cloud customer and CSP are responsible for keeping patient data secure. Both suffer the consequences if that data is compromised.
Even as an element of a hybrid cloud strategy ─ combining internal IT resources with other third-party cloud resources ─ cloud data storage and back-up is becoming an essential, low-risk component in this age of data. It’s time for another look.
* Forrester Research, Inc., “What The Evolution Of Cloud Storage Means For I&O” by Henry Baltazar and James Staten, February 14, 2014.