Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

1/11/2012
09:57 AM
50%
50%

Health IT Managers Slow To Implement Cloud

Security concerns keep health IT pros from jumping on cloud computing faster, a KLAS study suggests.

12 Mobile Health Apps Worth A Closer Look
9 Mobile Health Apps Worth A Closer Look
(click image for larger view and for slideshow)
Healthcare IT managers understand that cloud computing has its benefits, but many are concerned about privacy and security issues and are delaying plans to move their critical patient data onto cloud-based systems, according to a recent KLAS study.

The recently published study--Path to Cloud Computing Foggy: Perception Study--which interviewed 97 healthcare CIOs and other executives at health organizations, found that while 58% of respondents are considering using cloud computing, only 35% who expressed interest in cloud technology said they have any concrete plans to implement it.

Weighing heavily on the minds of CIOs is how to manage the exponential growth of data that has come with the move to digitized medical records, as well as the growth of digitized medical images. With tighter budgets and a need to do more with less, healthcare delivery organizations are evaluating cloud computing as a way to cut costs and create greater efficiency, but the thought of putting sensitive patient data in a cloud environment is still a worry for many health IT managers.

"There is more and more data out there, but many health IT managers are moving very cautiously and doing their due diligence," Erik Westerlind, the report’s author, told InformationWeek Healthcare. Westerlind said one of the main concerns of health IT managers is whether cloud computing can help them meet their obligations to comply with the Health Insurance Portability and Accountability Act (HIPAA) privacy rule, which requires physicians to protect the privacy and security of patients' medical information.

[ Explore docs' fascination with iPads, see Apple Capitalizes On Doctors' iPad Romance.]

According to Westerlind, the health industry is still in the early stages of cloud adoption. He noted that healthcare delivery organizations have yet to transition critical data from their Electronic Health Records (EHRs), patient accounting, and Enterprise Resource Planning (ERP) applications to a cloud environment.

Nevertheless, survey respondents did acknowledge the benefits of cloud computing, with 60% of those polled saying cost savings would be the greatest benefit. By using cloud computing, health IT managers would avoid paying for additional onsite storage and network infrastructure such as expenses associated with hardware, labor costs, and maintenance of storage systems. Additionally, many respondents noted that they would benefit from enhanced disaster recovery and business continuity services.

Still, many health IT managers say they are waiting for cloud computing to mature to better address their data security needs. In the meantime, they are paying more attention to the pressing issues of meeting Meaningful Use requirements, and the transition to ICD-10 code sets.

The study also found that many respondents are concerned that public clouds, such as those being offered by Amazon and Google, may not provide adequate data security, privacy, and control of information.

On the other hand, private clouds garner greater confidence, especially among small physician practices that identified cost and security as the benefits of connecting their electronic health records to Software as Service (SaaS) cloud-based systems run by larger organizations.

For larger hospitals, the move to cloud technology is more tempered and will occur in stages, starting with moving non-critical applications to the cloud and delaying mission-critical data. The study also found that executives at larger hospitals cite other barriers delaying their transition to cloud computing.

“Some, mainly larger providers, see the cost of the cloud to be prohibitive, saying that they can do the same thing internally at the same cost or less. Still others expressed concerns about connectivity and availability and indicated that they will not consider putting applications in the cloud that require high availability,” the report states.

With regard to setting a timeframe for cloud adoption, 68% of respondents said they plan to adopt cloud computing during the next 12 months, 24% said their plans for cloud adoption will occur during the next 13 to 24 months, and another 8% said their cloud computing implementation will take place during the next two years. When are emerging technologies ready for clinical use? In the new issue of InformationWeek Healthcare, find out how three promising innovations--personalized medicine, clinical analytics, and natural language processing--show the trade-offs. Download the issue now. (Free registration required.)

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Lisa Henderson
50%
50%
Lisa Henderson,
User Rank: Apprentice
1/12/2012 | 1:05:31 AM
re: Health IT Managers Slow To Implement Cloud
Still the figures cited in the last paragraph are generally impressive toward the cloud: 68% plan to adopt cloud computing in the next year; 24% in the next 13 to 24 months; 8% in the next two years. So data security is an issue with cloud computing. Public cloud concerns notwithstanding, 2012 could be the beginning of security acceptance for many inside and outside the healthcare industry.

Lisa Henderson, InformationWeek Healthcare, contributing editor
COVID-19: Latest Security News & Commentary
Dark Reading Staff 8/10/2020
Researcher Finds New Office Macro Attacks for MacOS
Curtis Franklin Jr., Senior Editor at Dark Reading,  8/7/2020
Digital Clones Could Cause Problems for Identity Systems
Robert Lemos, Contributing Writer,  8/8/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Changing Face of Threat Intelligence
The Changing Face of Threat Intelligence
This special report takes a look at how enterprises are using threat intelligence, as well as emerging best practices for integrating threat intel into security operations and incident response. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-8913
PUBLISHED: 2020-08-12
A local, arbitrary code execution vulnerability exists in the SplitCompat.install endpoint in Android's Play Core Library versions prior to 1.7.2. A malicious attacker could create an apk which targets a specific application, and if a victim were to install this apk, the attacker could perform a dir...
CVE-2020-7029
PUBLISHED: 2020-08-11
A Cross-Site Request Forgery (CSRF) vulnerability was discovered in the System Management Interface Web component of Avaya Aura Communication Manager and Avaya Aura Messaging. This vulnerability could allow an unauthenticated remote attacker to perform Web administration actions with the privileged ...
CVE-2020-17489
PUBLISHED: 2020-08-11
An issue was discovered in certain configurations of GNOME gnome-shell through 3.36.4. When logging out of an account, the password box from the login dialog reappears with the password still visible. If the user had decided to have the password shown in cleartext at login time, it is then visible f...
CVE-2020-17495
PUBLISHED: 2020-08-11
django-celery-results through 1.2.1 stores task results in the database. Among the data it stores are the variables passed into the tasks. The variables may contain sensitive cleartext information that does not belong unencrypted in the database.
CVE-2020-0260
PUBLISHED: 2020-08-11
There is a possible out of bounds read due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-152225183