Cloud Computing Fosters Innovation within the Highly Regulated Healthcare Industry
Given the rigorous regulatory demands and the management of highly sensitive data, is the cloud an option for the healthcare industry? Additionally, can cloud computing help facilitate the innovation that is desperately needed within the industry? I had the opportunity to speak with Scott Whyte, chief strategy officer at ClearDATA, to hear his insights. Scott has spent his career helping advance digital solutions, and innovation within the healthcare sector. He was an early adopter of cloud computing and is energized by the progress he sees within the industry.
What advantages does the cloud deliver to the healthcare industry? Can cloud computing help facilitate the innovations needed within the industry?
SCOTT: Innovation is needed in nearly every corner of the healthcare industry. Cloud computing is elastic, so it is conducive for pilots and proofs of concept. It is an amazing resource for situations in which you need to experiment but aren’t necessarily committed to scale.
I’ve been a healthcare CIO and an enterprise vice president and had to buy millions of dollars of network hardware, computers, and storage. In many cases, before the cloud, I placed big capital bets on whether projects would work. High-risk scenarios obviously limit your approach to innovation. By sheer odds, fewer wins will materialize if fewer bets are made.
With the cloud, you don’t have this issue. You can start small, experiment, and if the project works, then you scale. If the project doesn’t work, simply shut it down—you’re not committed to a long-term capital expense. The cloud is a terrific environment for innovation in this sense. When you are ready to scale, you can quickly increase storage, computational resources, and users, and you can even scale across geographies and continents.
For instance, when the life sciences sector develops a solution, they often want to serve customers in Europe, North America, Asia, and elsewhere. If you were trying to manage this on your own hardware, you’d have to manage leases on data centers around the world and face many other complications. With the cloud, you can easily handle diverse geography and rapidly scale. ClearDATA has helped customers do exactly this – scaling digital health solutions for patients and caregivers in a secure, compliance manner across the globe.
A wide assortment of tools being at the ready is another element of innovation facilitated by the cloud. With legacy types of solutions, you basically build your own configuration—hardware, applications, integrations, and other elements. There are many pieces and parts that must work together.
However, the large cloud players have incredibly impressive additive tools like big-data solutions, machine learning, and natural-language processing. There are also many infrastructure automation tools available, so you can use a DevOps, Containers or other newer approaches of deploying and maintaining solutions. This work is much easier in the cloud, and the tools facilitating the work are also important contributors to innovation.
The cloud is not just about removing hardware from your premises. It facilitates much more favorable risk scenarios so you can try more new things and have many more tools at your disposal.
Given regulations and the sensitive data the healthcare industry must manage, is the industry favorable to cloud adoption?
SCOTT: The healthcare industry has lagged behind other industries, but cloud adoption is accelerating. The healthcare industry often lags due to the important, complex and ever-changing regulatory constructs it operates within. Also, some areas of the healthcare industry don’t have sufficient margins and investment resources, so that’s also contributed to the slowness.
However, cloud adoption is rapidly accelerating in healthcare, particularly within some segments of the industry. The health technology space has been the quickest to adopt the cloud. The pharmaceutical space, particularly in unregulated or lesser-regulated areas of the pharma supply chain, has also embraced the cloud. Now the payer space is moving quickly to reinvent how they connect with members, hospitals, physicians, and others working to figure out how to improve quality of care while driving down costs.
The healthcare provider segments, like hospitals and physician groups, have been the slowest to adopt the public cloud. But they’re also starting to move forward.
The industry is getting to the point where it can get away from worrying about where data storage hardware is located. Rather, it should focus on whether there are appropriate controls to demonstrate that we understand the changes made and whether those changes will have an impact on outcomes.
Do you believe Agile methodology-based practices work well within a highly regulated space like the healthcare industry?
SCOTT: There are some people who say that regulation is directly at odds with innovation and speed. This is true to a degree. But there have been efforts to reconcile the need for regulations that assure the safety and privacy of patients while allowing the market to innovate and progress. Even the Food and Drug Administration (FDA) acknowledges that the public cloud has many merits even within rigorously regulated environments.
Agile is being applied to documentation practices and to change management procedures; for instance, not pushing code into production unless it’s gone through the needed steps and there is a formal sign-off process and a record of the needed signatures. There are also security-by-design approaches that are gaining momentum. In other words, instead of adding security at the end of the process, security requirements are built in at the beginning.
How does on-premise data security compare with cloud data security?
SCOTT: Having been involved with healthcare organizations for many years, I know the cloud can and should be more secure than underinvested data centers that are under the helicopter landing pad of a hospital or the imaging system storage area that is underneath a water pipe. I have experienced both things.
Your community hospital simply cannot spend more on its data center security backup power systems than AWS, Microsoft, or Google. If you want a secure, resilient computing environment, the public clouds are stronger than a local hospital can provide. I think people, including security, risk and compliance professionals, are beginning to accept this.
This said, you still need to do the right things. We’ve seen with some who had incorrectly established data encryption on the cloud and exposed themselves to significant security incidents. If you don’t set up these constructs correctly, your data is going to be highly exposed. There have been some awful incidents in which people have incorrectly used cloud technology in a way that caused significant damage to patients. This is not the fault of the cloud itself; people need to take the steps needed to properly secure the data.