MEDNET has been selected as one of a select few companies to present at the upcoming 23rd Annual Minnesota Venture and Finance Conference on September 30th at the Minneapolis Convention Center!
MEDNET joins some of the most prestigious companies in the midwest at this premier event, and MEDNET CEO John Fraser looks forward to the opportunity to present on NHIN, HIEs, and healthcare interoperability to this great group! For more on this conference, click here!
Healthcare providers are under enormous pressure with healthcare reform. Markets and economics are forcing providers to examine IT spending and to consider new emerging technologies to reform operations. The Recent American Recovery and Reinvestment Act (ARRA) calls for healthcare reform, including deployment and utilization of an EHR by 2014. The virtualization of systems and cloud computing are compelling models for improving workflows as well as patient care. In this article, we will discuss the basics of cloud computing, including key benefits and features.
Cloud computing, along with virtualization, has emerged as the next-generation computing technology. Stemming from various technologies and standards, including cluster computing, grid computing, utility computing, Web Services, and others, cloud computing focuses on providing a single, easy-to-use, virtualized view on a set of resources (data, computing power, network, and applications). “Cloud” can easily be defined as a set of network-connected computers. “Cloud”, however, can also be defined as a set of platforms, infrastructure, and software applications working in tandem to provide various electronic services to users over the Internet. In the cloud computing world, everything (from low layer hardware such as CPU, memory, disk, network etc to high layer software applications) is a “service” which is accessible over the Internet. These cloud services can be grouped into three categories: 1) software as a service (SaaS) – software applications provided as a service on demand, 2) platform as a service (PaaS) – service platforms provided as a basis on which software applications are deployed, and 3) infrastructure as a service (IaaS) – storage and computing capabilities provided as a standardized service infrastructure mainly supporting SaaS and PaaS. Cloud computing technology has many features and benefits, such as elasticity, scalability, cost-efficiency (“pay as you use” model), high-throughput, and availability. More and more software applications, along with business logic and data, move from local computers or servers into the clouds at a different level – public cloud, private cloud or hybrid.
For healthcare providers of all sizes, cloud computing looks very promising mainly because it can bring a significant amount of cost reduction in running electronic medical record applications, managing real-time high-throughput clinical workloads, maintaining IT infrastructure, and introducing new clinical solutions and updates.
Decisions need to be made between two extremes: building local computing infrastructure (having data locally) and keeping everything ‘in a cloud’. A large hospital might want to adopt cloud computing to build a private cloud. Smaller hospitals might want to invest in cloud-based infrastructure to take the burden of system administration off of internal staff / internal IT. A solo or small size practice (clinic) may want to keep all clinical applications in a cloud, including clinical data, and, by doing this, may even be able to improve EHR / data security. In this model, security is actually increased by the elimination of the risk of from server snatching or stolen laptops – because no sensitive data is stored locally (all patient information is stored in the secured cloud).
Each healthcare provider needs to understand the full scope of cloud computing for each practice, however, by examining the infrastructure features and security / access benefits of cloud computing, one can truly say the forecast for cloud computing in healthcare is sunny!
In our continuing series on information security, Jesse Erdmann, CISSP, looks at the data risk, security budgets, and Return on Investment factors in information security.
ROI in the security space has long been a difficult thing to measure. In many respects, ROI is the wrong term to apply when evaluating a security budget. The only thing for certain is that one way or another, an organization is going to pay for security. By doing the work of evaluating risks and needs, an entity can determine how proactive they will be about setting and limiting the price paid for security.
The models for allocating security spending can vary–from one budget to cover everything, to a number of buckets of a budget to protect information and systems (grouped together based on the value and risk of exposure). E.G. your most sensitive data resides on a small set of systems that gets allocated a higher budget, while the network at large has a smaller level of investment. In the end, however, your data and systems are either secured or they have been compromised, there isn’t a grey area.
So, how does a health institution evaluate the value of data and systems for each of those components?
* Sensitivity: The only groups who might consider their data to be more sensitive than patient data are intelligence agencies and the military. That’s it. The data held by a health institution is what a patient considers their most private information.
* Risk: How would patients react if there were a public incident of patient data exposure? Would the provider lose business? How stringent is the law in your state with regard to this data? How much would it cost to fight or settle a lawsuit? How likely are these events to occur?
* Attractiveness to Attackers: With organized crime trafficking personal identification for the purpose of identity theft, any large institution should consider themselves a target. Many simple attacks and novice attackers can be turned away with simple security measures to cover the basics. But, institutions known or suspected to have large quantities of sensitive data have become high-profile targets with more determined attackers. The more data you have, the more sophisticated those trying to get it will be.
This is just a brief introduction of the factors that go into calculating security risk and the associated ROI for security measures. There are several additional resources you can use to get started on evaluating your organization. Below are a just a few, I highly recommend the first link, an article by Bruce Schneier for csoonline.com
As Seonho Kim stated in his article, “Healthcare providers are under enormous pressure with healthcare reform”. Truly this is a time of change and impact to the healthcare community as a whole.
If you talk to any of the disparate trading partners in the healthcare community today, you will get a varying opinion about what ‘connectivity’ is, where it stands as well as the global connectivity needs of the marketplace.
With the multitude of healthcare business partners, service partners, and trading partners, along with the myriad of connectivity standards, systems, and protocols, there has never been a better time to standardize on one connectivity standard or platform.
Take a tour of the healthcare enterprise and one will see the vast, disparate systems built to support one initiative: connectivity. Some say the connectivity problem has been mostly solved, however, we must ask the question – is there really a unified, standards based, connectivity platform for all administrative and clinical data? The various vendor driven single platform efforts, while noble, have led us to the fractured, non interoperable healthcare market of today. The market needs a single, standards based communication platform with Federal Governance and oversight. That platform is NHIN.
The Nationwide Health Information Network, with Federal oversight and standards, is the missing piece. Image if all the networks and healthcare systems were connected and interoperable. Bringing the healthcare system together by bridging disparate networks, HIEs, systems, payors, service providers, and anyone else wishing to connect is the focus and feature of NHIN.
As we move towards 2010, and interoperability in the healthcare enterprise, NHIN offers an easy business case…standardize on one platform for universal healthcare connectivity!