The question isn't should you use cloud computing. The question is how.
First tip: Don't go all in without some sort of disaster recovery plan. Disasters do happen in the cloud. Earlier this month, dozens of hospitals temporarily lost access to patient records due to a cloud outage.
They should have asked the tougher questions earlier of their cloud service providers. In this case, it was Cerner Corporation, which attributed the outage to human error. The outage affected Adventist Health, which reverted to using paper-based records during the five-hour interruption in service.
Having just written a story about the cloud for HealthLeaders magazine, I was startled by just how many hospitals appear to have entrusted their EHRs to someone else's data center. Dell Healthcare recently told me it hosts more than 500 hospitals' EHRs in its cloud. Many Cerner customers run their own data centers, but an increasing number do not, leaving the hosting to Cerner.
As federal and state dollars continue to flow to automate healthcare information systems, expect an accompanying stream of federal and state oversight and investigation into outages such as these. There have been no reports of serious incidents caused by the recent outage, but the risk of adverse events triggered by the unavailability of electronic records will only grow.
Don't expect vague explanations such as "human error" to mollify regulators or the public. Cerner should have gotten out in front of the coverage of this month's outage by posting a detailed explanation through its blog or a press release. It did neither.
One reason CIOs cling to their own data centers is that they gain a totally transparent view into their IT infrastructure. All the way back to the dawn of personal computing, a great benefit of data centers has been a view under the hood.
The cloud changes all that. Service providers sometimes let users in on all the inner workings of their operations, but often they do not. Diligent CIOs extract as much knowledge as they can during the evaluation process, but cloud-based services are often so complex as to overwhelm even the best-trained CIOs. There's a booming business in consultancies that can help make sense of cloud offerings, so CIOs can anticipate and head off trouble.
Clearly, some organizations are making great use of the cloud, and are finding ways to fund and grow adoption. It's been suggested that hospitals get together and share as many resources as they can without depending entirely on vendors, and one entire state has done just that.
The Colorado Hospital Association expects to achieve statewide medical image sharing in the first quarter of 2013, with all those images being served up by a private cloud.
Creative financing for the Colorado Telehealth Network came in the form of a grant from the Federal Communications Commission, which also allowed the association to equip 205 facilities throughout the state with sufficient bandwidth to serve up those images when they start flowing over the network.
The set-up also potentially obviates the need for costly health information exchanges to move those images about, says Colorado Hospital Association president and CEO Steven Summer.
(Health information exchanges are different than health insurance exchanges, even though sloppy marketers and journalists call them both HIEs. For the record, the correct abbreviation of health insurance exchange is HIX.)
The function of HIEs and cloud computing seem to be a natural fit. Private HIEs appear to be taking off faster than public ones, but don't you think set-ups like Colorado's are more cost-efficient and resource-savvy—not to mention less chaotic—than a plethora of private HIEs would be all over the state? Yet Colorado is the only state that has gone this route.
I understand the continuing tension over private versus public in healthcare. Private systems often innovate more rapidly. Cloud technology will proliferate in private networks as well as public. But accountability will be radically different. If the Colorado Telehealth Network has an outage, there will be immediate explanations, and they won't leave us wondering what really happened.
Which is not to say that private technology companies won't build the public-financed clouds. In the case of Colorado, Summer says the organization started by evaluating the offerings of five companies: GNAX Health, Merge Healthcare, TeraMedica, Iron Mountain, and Dell Healthcare. So far, they've narrowed the selection down to GNAX Health and Merge Healthcare. There will be only one winner, which hasn't been announced yet.
One other very interesting aspect of the Colorado cloud is that Summer describes it as a vendor-neutral archive, or VNA. "It doesn't matter what [EMR] system a hospital may use," he says. "The VNA will be neutral in terms of drawing down the images and using [them]. So we've eliminated any of what often become proprietary impediments."
The key to making VNA happen is getting all the participants at the table. That means all the public, private, urban, rural, and academic hospitals; the physician practices; and payers as well.
Meanwhile, the state provides bandwidth to all at a fraction of the cost it might have been, had this service been provided through private bandwidth service providers. That might be anathema to a provider that wants to sell lots of extra services on top of bandwidth, but it also helps preserve the neutrality of the shared cloud infrastructure.
As healthcare leaders sort through the opportunities and pitfalls of the cloud, it will be more important than ever for them to share their experiences. The dialogue is just beginning.
Scott Mace is the former senior technology editor for HealthLeaders Media. He is now the senior editor, custom content at H3.Group.