Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

1/11/2012
09:57 AM
50%
50%

Health IT Managers Slow To Implement Cloud

Security concerns keep health IT pros from jumping on cloud computing faster, a KLAS study suggests.

12 Mobile Health Apps Worth A Closer Look
9 Mobile Health Apps Worth A Closer Look
(click image for larger view and for slideshow)
Healthcare IT managers understand that cloud computing has its benefits, but many are concerned about privacy and security issues and are delaying plans to move their critical patient data onto cloud-based systems, according to a recent KLAS study.

The recently published study--Path to Cloud Computing Foggy: Perception Study--which interviewed 97 healthcare CIOs and other executives at health organizations, found that while 58% of respondents are considering using cloud computing, only 35% who expressed interest in cloud technology said they have any concrete plans to implement it.

Weighing heavily on the minds of CIOs is how to manage the exponential growth of data that has come with the move to digitized medical records, as well as the growth of digitized medical images. With tighter budgets and a need to do more with less, healthcare delivery organizations are evaluating cloud computing as a way to cut costs and create greater efficiency, but the thought of putting sensitive patient data in a cloud environment is still a worry for many health IT managers.

"There is more and more data out there, but many health IT managers are moving very cautiously and doing their due diligence," Erik Westerlind, the report’s author, told InformationWeek Healthcare. Westerlind said one of the main concerns of health IT managers is whether cloud computing can help them meet their obligations to comply with the Health Insurance Portability and Accountability Act (HIPAA) privacy rule, which requires physicians to protect the privacy and security of patients' medical information.

[ Explore docs' fascination with iPads, see Apple Capitalizes On Doctors' iPad Romance.]

According to Westerlind, the health industry is still in the early stages of cloud adoption. He noted that healthcare delivery organizations have yet to transition critical data from their Electronic Health Records (EHRs), patient accounting, and Enterprise Resource Planning (ERP) applications to a cloud environment.

Nevertheless, survey respondents did acknowledge the benefits of cloud computing, with 60% of those polled saying cost savings would be the greatest benefit. By using cloud computing, health IT managers would avoid paying for additional onsite storage and network infrastructure such as expenses associated with hardware, labor costs, and maintenance of storage systems. Additionally, many respondents noted that they would benefit from enhanced disaster recovery and business continuity services.

Still, many health IT managers say they are waiting for cloud computing to mature to better address their data security needs. In the meantime, they are paying more attention to the pressing issues of meeting Meaningful Use requirements, and the transition to ICD-10 code sets.

The study also found that many respondents are concerned that public clouds, such as those being offered by Amazon and Google, may not provide adequate data security, privacy, and control of information.

On the other hand, private clouds garner greater confidence, especially among small physician practices that identified cost and security as the benefits of connecting their electronic health records to Software as Service (SaaS) cloud-based systems run by larger organizations.

For larger hospitals, the move to cloud technology is more tempered and will occur in stages, starting with moving non-critical applications to the cloud and delaying mission-critical data. The study also found that executives at larger hospitals cite other barriers delaying their transition to cloud computing.

“Some, mainly larger providers, see the cost of the cloud to be prohibitive, saying that they can do the same thing internally at the same cost or less. Still others expressed concerns about connectivity and availability and indicated that they will not consider putting applications in the cloud that require high availability,” the report states.

With regard to setting a timeframe for cloud adoption, 68% of respondents said they plan to adopt cloud computing during the next 12 months, 24% said their plans for cloud adoption will occur during the next 13 to 24 months, and another 8% said their cloud computing implementation will take place during the next two years. When are emerging technologies ready for clinical use? In the new issue of InformationWeek Healthcare, find out how three promising innovations--personalized medicine, clinical analytics, and natural language processing--show the trade-offs. Download the issue now. (Free registration required.)

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Lisa Henderson
50%
50%
Lisa Henderson,
User Rank: Apprentice
1/12/2012 | 1:05:31 AM
re: Health IT Managers Slow To Implement Cloud
Still the figures cited in the last paragraph are generally impressive toward the cloud: 68% plan to adopt cloud computing in the next year; 24% in the next 13 to 24 months; 8% in the next two years. So data security is an issue with cloud computing. Public cloud concerns notwithstanding, 2012 could be the beginning of security acceptance for many inside and outside the healthcare industry.

Lisa Henderson, InformationWeek Healthcare, contributing editor
COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/6/2020
Russian Cyber Gang 'Cosmic Lynx' Focuses on Email Fraud
Kelly Sheridan, Staff Editor, Dark Reading,  7/7/2020
Why Cybersecurity's Silence Matters to Black Lives
Tiffany Ricks, CEO, HacWare,  7/8/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-3931
PUBLISHED: 2020-07-08
Buffer overflow exists in Geovision Door Access Control device family, an unauthenticated remote attacker can execute arbitrary command.
CVE-2020-15600
PUBLISHED: 2020-07-07
An issue was discovered in CMSUno before 1.6.1. uno.php allows CSRF to change the admin password.
CVE-2020-15599
PUBLISHED: 2020-07-07
Victor CMS through 2019-02-28 allows XSS via the register.php user_firstname or user_lastname field.
CVE-2020-8916
PUBLISHED: 2020-07-07
A memory leak in Openthread's wpantund versions up to commit 0e5d1601febb869f583e944785e5685c6c747be7, when used in an environment where wpanctl is directly interfacing with the control driver (eg: debug environments) can allow an attacker to crash the service (DoS). We recommend updating, or to res...
CVE-2020-12821
PUBLISHED: 2020-07-07
Gossipsub 1.0 does not properly resist invalid message spam, such as an eclipse attack or a sybil attack.