As the world transforms from the age of physical information into a generation of digital data, a new era of technological solutions has dawned. Every industry, organization, and business is looking towards a more viable future for its IT applications, and right now no platform is causing more controversy than the cloud. With a huge number of companies throughout every sector moving over to the cloud, it's no wonder that it's causing quite a stir.
While some argue that the cloud is the way forward for information technology as we know it, others have valid concerns about taking the leap. As practical a solution as the cloud may be for some, it undoubtedly won't fit the needs for every sector. Let's take a look at the cloud vs. on-premise solutions and which is most appropriate for the healthcare industry, specifically.
Trusting a Vendor
As the needs of the healthcare industry are very unique, understanding the significant differences and even subtle nuances between the cloud and an on-premise infrastructure is of paramount importance. With such a wide range of data to be protected, and areas such as Electronic Health Records (EHR) and Picture Archiving and Communication Systems (PACS) growing in terms of both platform and potential, it is absolutely essential for software systems to be both secure and accessible at all times.
One of the very first things to consider when making the decision between the cloud and on-premise systems is putting trust in a vendor. While moving to cloud computing may seem like an educated choice in some areas (namely in terms of cost based upon usage), when considering that healthcare organizations are essentially outsourcing their operational systems to a second and third party when leveraging the cloud, it may not seem so sensible.
Making use of the cloud means that an institution must not only trust a vendor with sensitive information, but that they’ll also give up an element of control. If a vendor suffers technical faults, access will be patchy and limited at best. Or in the worst-case scenario, if it goes out of business, both the organization and the data of each of its patients could then be at risk.
For the most part, imaging facilities and healthcare networks have historically spent both time and money investing in trusted on-premise infrastructures, and as such, already have safe storage solutions in place, as well as the personnel to manage them. In these situations, turning over confidential data to a cloud vendor for them to transfer it to the end user (i.e. another physician or the patient themselves), would just be introducing unnecessary risk.
Security, Backup, and Recovery
Security is often a defining factor when it comes to choosing between the cloud and on-premise solutions for health-based organizations.
In terms of the cloud, file storage is secured with file encryption - which can be especially important when it comes to confidential information. Certain vendors offer added security measures such as physical security protocols that are undertaken at the remote server data center, and these work to secure sensitive information from cyber theft. In some instances, file security can be better than internal IT systems, but many vendors actually obtain their hosting capabilities from a third party developer. In these cases, the third party vendor may even be outsourcing some of their own responsibilities, so data could easily pass through many more hands than originally anticipated. Its also worth noting that any of these external vendors would be an attractive target for a hacker, who could access multiple entities with just one focused attack, rather than seek out each of the systems independently.
In terms of on-premise servers, security breaches tend to occur on a much smaller scale. Physical threats of unauthorized access can be reduced by housing servers in rooms that visitors, cleaning crews, and even internal staff would not have access to. When protecting information from virtual trespassers, simply having trusted, well-trained IT professionals to oversee firewalls and monitor denial of service attacks should suffice.
Backing up data is as critical to the security of digital medical information as file encryption or firewalls. On-premise servers allow organizations to control how, when, and where data is backed up. Depending on the vendor, any data that has been back up in the cloud may not be accessible for days or even weeks, should some type of outage take place.
Connectivity
Connectivity is mission-critical to a healthcare organization because medical images, records, and other important information needs to be on hand at all times.
One of the perceived benefits of a cloud solution is that it has the potential to increase connectivity between differing systems. But should this come at the expense of security? For years, healthcare organizations have adhered to unbiased, vendor-neutral standards such as DICOM and HL7. It’s new releases of those standards that should pave the way for interoperability, rather than relying on external vendors to bridge the gap.
Diagnostic image departments can especially benefit from using on-premise solutions, as sharing large files is often a prerequisite. On-premise solutions can allow users to transfer tens and hundreds of gigabytes between integrated systems on a daily basis – the only limitations to access would pertain to the infrastructure of the internal network.
Hidden Costs
Both on-premise and cloud solutions have obvious cost considerations, but what about hidden charges that often go completely under the radar?
Cloud solutions may initially seem cost effective because their pricing structure is based on usage. Consider though, a hospital network that shares tens – or even hundreds – of thousands of studies per year. Moving that volume of data (stemming from the large file sizes of x-rays, CT scans, mammograms, etc.) can quickly exceed certain thresholds. Then afterwards, a facility may be faced with significant variable costs that weren’t budgeted for.
Infrastructure Investments and Upgrades
For many large health organizations, on-premise infrastructures are already in place and are functioning perfectly well. The consideration of cloud-computing often comes from a desire to streamline certain processes and to move with the times; however, any major changes or upgrades to technology will significantly impact current workflows and should therefore be carefully considered.
While on-premise applications will call for periodic upgrades, the majority of cloud vendors actually implement new releases and small technical patches on a frequent basis. This can cause disruption for businesses that rely on specific activities for productivity. Alternatively, on-premise software typically upgrades around every 12 – 24 months, and these upgrades often have contingency plans in place to keep disturbances at a minimum.
The Bottom Line
The choice between cloud services and on-premise solutions can make or break the functionality of a healthcare organization, as well as the security of its data. Making the right choice for your facility is not a decision that should be taken lightly.