The annual Healthcare Information Management Systems Society (HIMSS) conference has come to a close for 2018 and if there was one resounding message we heard throughout many of the sessions at the conference it was that healthcare organizations should be running to the cloud. We heard this in sessions ranging in topics from disaster recovery to protecting against ransomware to storing medical images to data integrity.
Faith Regional and Austin Radiological Association
Both Faith Regional Health Services in Nebraska and Austin Radiological Association (ARA) in Texas needed to find a better way to solve disaster recovery and ransomware challenges. Although they both had their doubts about the cloud at first, they knew something different had to be done in order to survive in the current healthcare threat landscape.
Both healthcare organizations decided to move to the cloud in order to solve their disaster recovery and ransomware challenges.
After Faith Regional moved to the cloud, Paul Feilmeier, information technology director at Faith Regional, said at HIMSS 2018 that they discovered numerous benefits:
The cloud is HIPAA compliant.
- Faith Regional employees and providers didn’t even notice the switch to cloud because the transition was so smooth.
- Their backup was more robust and reliable.
- They lowered their capital expenses significantly.
ARA experienced benefits from the cloud as well, Todd Thomas, CIO at ARA, said at the conference, including:
lower operational costs
- the ability to scale quickly
- faster time to implementation
MCR Health Services
For Larry Allen, CIO at MCR Health Services in Palmetto, Florida, he also had a problem to solve: Where could MCR host its infrastructure, save money, maintain data integrity, enable easy access to data, ensure security, and deliver quality healthcare?
Allen, too, discovered that the answer for his healthcare organization was the cloud.
During his session at HIMSS 2018, he explained that the cloud allows his organization to quickly spin things up and also adjust the cost based on the use of the cloud. This is difficult to do on your own, Allen said. He added that the cloud also allows healthcare organizations to achieve a level of agility that is also difficult to do on your own.
HIPAA and the cloud
While the message at HIMSS 2018 was clear from healthcare providers – the cloud can help your healthcare organization address issues ranging from security to cost and more – doing your due diligence before choosing a cloud provider is crucial.
Adam Greene, partner at Davis Wright Tremaine, LLP, based in Seattle, offered HIMSS attendees some advice to ensure their cloud provider is HIPAA compliant and truly secure.
Greene said that before a healthcare organization commits to a cloud provider, they should make sure a few criteria are in place:
Make sure you have a business associate agreement with your cloud provider.
- Make sure your cloud provider conducts their own risk analysis in order to be compliant with HIPAA.
- Make sure your cloud provider has a risk management plan implemented.
Furthermore, Greene pointed out that physical security is also important. For example, if someone asks your cloud provider to visit their data center and they say yes then you may want to consider a different cloud provider who takes physical security more seriously, Greene said.