Security requirement hazes healthcare cloud

While platform promises cost benefits and swift implementation, inherent nature of medical records puts spotlight on data security issue.
Written by Sol E. Solomon, Contributor

Cloud-based services will prove important in healthcare provision, but the inherent nature of medical records underscores the need for clouds to be private to ensure data security is better maintained.

Alex Kim, director of IDC's Health Insights division, said hospitals do not want to become data centers that have to store huge amounts of information such as x-rays and imaging records, and which can be costly to maintain.

"Like other IT companies, healthcare organizations want to provide IT-enabled services more efficiently and cost effectively but compared with other industries, their IT budget allocation is lower," Kim said in an e-mail interview.

Hence, cloud computing can offer a more affordable alternative for the healthcare sector.

Gavin Selkirk, CA's corporate senior vice president and Asia-Pacific and Japan general manager, noted that as cloud computing adopts a utility model, service costs are based on consumption. This requires a low initial investment to deploy services, and additional investment is incurred only as use increases, Selkirk explained in an e-mail.

"A healthcare organization is able to get a cloud-based IT operation up and running swiftly, and for a fraction of the cost of an in-house solution," he said. "Far greater cost efficiency means healthcare organizations are able to channel cash into core activities."

Kim noted that an obvious concern, with regard to providing healthcare services over the cloud, is security relating to personal medical records.

"One way vendors may try to alleviate these concerns will be to develop industry standards and best practices around securing access to patient data in a cloud environment," she said.

Andre Smit, managing director of Asia-Pacific data center sales at Cisco, said healthcare providers would naturally be concerned about the integrity of their client data, especially in life threatening situations.

Since the cloud provides secure virtualization, resource unification and interconnectivity, it is a "very attractive option" for medical providers, Smit told ZDNet Asia in an e-mail. This is because it allows healthcare providers to marshal their resources easily, with secure, on demand access to information and increases their overall service agility and instant access in the case of emergencies.

"Vendors in the industry are continually working on more sophisticated security systems for the [current] age of hyperconnectivity," he said.

Selkirk said it is not the healthcare providers but the security vendors that would have the expertise and technology to preserve data integrity via specialized security applications, best industry practices and offsite backup.

"In short, a reputable IT vendor is more qualified to protect sensitive data than an organization specializing in healthcare, just as a bank is best qualified to secure a customer's cash deposits," he said.

Kim noted that medical establishments looking to the cloud will also want to ascertain if the platform can address patient data interoperability issues, as well as increase flexibility and agility of patient data access, processing and storage.

According to Selkirk, health records stored across multiple systems in the cloud can be retrieved easily and immediately from anywhere, via almost any device--"all helping to improve the quality of patient care".

Kim suggested the potential use of smartphones such as Apple's iPhone, to access electronic health records via a portal, thus, facilitating a health cloud or data repository.

"[This allows] ubiquitous healthcare--getting the right care with the right information, at the right time, at any location. That would be powerful," she said.

Editorial standards