Healthcare News & Insights

3 steps to avoid cloud computing risks in health care

Cloud computing is all the rage in IT these days, and many organizations are turning to cloud-based services for their IT needs. That includes healthcare providers, though they’re adopting cloud computing at a slower rate than in other industries. 

Overall, 35% of healthcare IT pros say their organizations are adopting or a managing a cloud computing service at the moment, according to a recent survey from technology vendor CDW.

That’s up from 30% who said the same in last year’s poll, but still significantly below the average of 44% among all of the surveys respondents. In fact, among the eight industries the respondents worked in, healthcare was ranked next to last in terms of cloud computing adoption, ahead of only state and local governments.

Healthcare organizations do have good reasons for the slow adoption. Among the health IT pros surveyed:

  • 51% are concerned about the privacy of data and applications when cloud computing services are used
  • 36% are worried that applications in the cloud won’t perform as well as they would in house, and
  • 31% think their organization will have a hard time integrating cloud applications with existing infrastructure.

Cloud computing has benefits, too

Despite those risk, cloud computing does have a lot of benefits for organizations. The cloud often gives providers access to software and services that may have been too big a project to implement in house. For example, many smaller practices and hospitals have shied away from installing in-house EHR systems, but are making use of cloud-based applications that are paid for with a subscription fee rather than a big up-front cost.

Beyond just the oft-mentioned cost savings, respondents in all industries reported several benefits of cloud computing services in CDW’s survey, including:

  • Increased efficiency (cited by 55% of respondents)
  • Improved employee mobility (49%)
  • A greater ability to innovate (32%)
  • More time for IT staff to work on other projects (31%)
  • Reduction in IT operating costs (25%), and
  • A greater ability to offer new products and services (24%).

Because of those and other benefits, healthcare organizations are adopting cloud computing services, even if they’re doing so at a slower rate than firms in other industries. In a poll taken last year by Healthcare IT News, 33% of health care organizations said they were currently using at least one cloud-based service. However, an additional 48% say they plan to use cloud computing services in the future.

Decide what can go in the cloud

Organizations can still take advantage of the benefits even if they’d rather keep some sensitive data on their own networks. Many healthcare organizations are turning to the cloud not for health IT systems but for more general IT needs.

In fact, the applications healthcare organizations most often move to the cloud, according to CDW’s survey, are:

  1. Messaging and collaboration (29%)
  2. General computing (25%), and
  3. Office software and productivity suites (22%).

While there are some risks involved in those areas, many organizations are more comfortable using those applications compared to moving sensitive patient data to the cloud.

Plan properly to minimize the risks

Whether organizations are switching to a cloud-based EHR or just moving email or office software to the cloud, there are some things they can do to prepare for the risks and maximize the benefits:

1. Choose the right vendor

When choosing an cloud computing provider, it’s important to properly vet all vendors — and especially ask detailed questions regarding security and reliability. Some questions organizations can ask:

  • What policies and procedures are in place to protect the physical data center, and how does the company vet employees who have access to clients’ data?
  • What technology is used to keep one client’s data separate from others’ on multi-tenant servers?
  • What encryption protocols does the vendor use to protect data in transit and at rest?
  • What’s the procedure for notifying customers of a data breach?
  • What availability guarantees are offered and what penalties are assessed if they aren’t met?

2. Test the new infrastructure

It’s important to make sure everything will work together once a cloud service is adopted, and to find alternatives before a contract is signed and a service is implemented. The organization should test to see if cloud computing applications can communicate with other systems, both on the premises and in the cloud.

Also, it pays to make sure the company has enough bandwidth available to handle the additional load. When bandwidth use suddenly increases because of a new service, it can cause serious drops in productivity and lead to downtime.

3. Manage access to cloud services

In addition to making sure vendors do their part to keep data secure, there are also some things organizations need to do on their end. One big area is managing how and by whom cloud computing services are accessed.

As with any IT system that holds sensitive data, access should only be given to employees that need it, and policies should require strong, complex passwords. Organizations can also look for cloud computing providers that offer multi-factor authentication to access their accounts, if extra layers of security are needed.

Subscribe Today

Get the latest and greatest healthcare news and insights delivered to your inbox.

Speak Your Mind