by Matt Ferrari
Co-founder and Former CTO
This is the first in a series of blog posts this year covering the trending topic of Next-Gen Managed Services.
Time flies in healthcare IT, but not long ago I was in conversations with well known analysts, and then with various leaders across the public cloud, and the concept of next-gen managed services revealed itself. We have seen the important work of traditional managed service providers (MSP) for a few years – these are the third-party experts employed to help healthcare organizations with their presence on the public clouds - Amazon Web Services, Microsoft Azure and Google Cloud Platform. The traditional MSP services revolve around provisioning, running, maintaining, or supporting enterprise IT environments such as infrastructure managed services or cloud managed services, making sure the healthcare organization’s employees can do their jobs. While there is likely some intellectual property, as well as automation, the majority of managed services providers are following ITIL-aligned incident management, leveraging a ticketing and support-based system of fixing things as the situation calls for it.
Over time, healthcare IT has moved so far forward that it is in some ways outgrowing the traditional MSP, and the best of the MSPs are now transitioning to a new model of Next-Gen Managed Services. Simply put – this means ongoing and proactive services that are delivered by software as opposed to services reliant on people. That can mean automation of services the MSP delivers from a technology perspective, or it can mean automating processes around change management within the healthcare application itself. Automation can range from upgrades and patches, to detecting and resolving anomalies in security and compliance, or even notifications that drive action to a healthcare practitioner.
When properly executed, the automation inherent in Next-Gen Managed Services can build operational efficiencies and cost containment at a time when budgets are stressed to zero margins. It can also provide speed and agility in growing a business on the cloud. Automation significantly reduces human error without reducing human workers, who are then redirected to core competencies and meeting business objectives as well as becoming automation experts themselves.
The focus is on driving business outcomes for better incomes, and getting in front of issues and problems rather than the retroactive traditional MSP model. That can translate to improved ROI. While the next generation model focuses deeper on automation and providing proactive guidance through intelligence to customers, it also means your services and solution provider is focusing much deeper on understanding the required business outcomes of your healthcare organization. The Next-Gen MSP is often focused on integration – integrating their software platform alongside the healthcare organization’s platform so there is seamless integration as it relates to new technologies like CI/CD (Continuous Integration/Continuous Deployment, which I will discuss in the next post in this series) or business continuity, or security and compliance as with ClearDATA Comply™ Automated Safeguards and technical controls.
By getting out of the game of relying on incident management and ticket submission management for core services, the Next-Gen MSP can be building proactive automated response and integration to tools such as a SIEM (Security Incident Event Management). Public clouds have technologies that log activity, and healthcare organizations have enterprise level security system tooling, and these can be integrated into a single point that benefit the security and compliance team. That team can use the cloud’s HIPAA-eligible services knowing that their Next-Gen MSP has integrated automation to make that HIPAA eligible service HIPAA compliant.
Additionally, staying with the example of ClearDATA’s Automated Safeguards, we - as an industry once shackled by legacy hardware - can move past the days of static monitoring. The retroactive methods of “Oh no the app is down because it has fixed thresholds ie, we’re out of RAM,” can make way to a new and better way that is anomaly detection where you can leverage technology like machine learning and autoscaling groups built into your monitoring solution. You can see when things are happening inside the app or infrastructure in advance of a problem, and can employ your self-healing solutions to remedy it without taking the app down, as with automated safeguards. This allows the traditional MSP to redefine how they deliver things such as security incident response as it relates to threats such as malware, because they are focused on security by design and continuous compliance as part of their build and automation. Being able to identify where there are anomalies across multiple environments and remediate before they turn into an actual problem is game changing for the Next-Gen MSP and their clients, moving that MSP from an ITIL vendor model to become more of a trusted advisor.
When you think about traditional managed services, they are often focused on running/operating through virtual machines known across the clouds as AWS EC2, Azure Virtual Machines, or Google Compute. The Next-Gen MSP is using automation, CI/CD, healthcare-based reference architectures, and cloud native HIPAA-eligible services, so rather than lifting and shifting workloads to the public cloud and then figuring out how to transform them to more cloud first, cloud native technologies, the Next-Gen MSP moves from the run-and-operate model to one of understanding how the healthcare organization designs their service level agreements with their patients and providers, and what their operating agreements are. They are focused on a design, architect, and automation approach that moves individuals who used to do ticket management to automation experts who can provide stronger solutions to the organizations they serve - solutions and services that rely more on DevOps and Infrastructure as Code, rather than having to manually touch the system every time it needs something. They are always thinking about how to guide the healthcare customer on how to optimize costs by leveraging native public cloud services to reap the benefit of the public cloud itself.
You see this in ClearDATA Comply Automated Safeguards, which remediate situations when they detect a deviation in compliance. To deliver high-end and high-value Next-Gen Managed Services, you need to think about systems integration, understanding how the app evolves inside the system, including change management. You also need to think about how the app can auto scale, and ultimately how to move into a sleek and efficient model so when it’s time to make a change to the application – whether at the code level or the infrastructure level– there is an automated process in place.
The Next-Gen Managed Services Provider will be a strategic ally for the healthcare organizations they serve because they can integrate directly into that organization’s DevOps environment, their CI/CD pipeline, or their third party app location so they can empower the organization by being less about tech support and more about strategic consulting. They understand it’s not about the technology itself, but how your organization uses technology to reach your business goals.