Electronic Medical Records in the Cloud: How Safe is It?
Friday, July 15, 2011
by Andrew Spottswood, TROI IT Solutions
“Technology moves ahead fast — and it’s not going to slow down to wait for us to catch up. Even with that in mind, I have to wonder — aren’t we all getting a little ahead of ourselves?” That was the question a friend of mine posed to me last week. She’s an administrator for a healthcare group outside of Seattle, and together we’re exploring several options to update and enhance their Electronic Medical Record (EMR) system. Pondering her question, I could think of several instances where her concerns rang quite true — where “bleeding edge” solutions might actually hurt a business — and some good old tried-and-true “butter-knife edge” technology might be a better fit. In the context of our conversation, exploring options to host all the practice’s software and infrastructure in the cloud, her fear was both simple and understandable: Is it safe?
She’s not alone with her concerns. As technology consultant to dozens of healthcare groups across the western United States, we see more and more groups looking at cloud-based options to manage electronic health records, minimize upfront costs, enable high-level business continuity and remove the management of complicated infrastructure. Many are also asking the same question – is it safe? Will patient records just be sitting out there waiting to be hacked? In this online world where we’re covered in antivirus protection, anti-spam devices, and firewalls, won’t hackers simply target the biggest systems to get the most bang for their efforts?
So how do we begin to evaluate the safety of cloud-based solutions? I know some clients who tell me it just FEELS safer when they can see the equipment and blinking lights in their offices. Or, is fear of the cloud more like my sister’s fear of flying – where statistically she’s 62 times more likely die in the car on the way to the airport than in the plane itself? What’s clear is that we need facts to make an informed decision.
With these questions lingering, I went on a fact finding mission and found some interesting data from the US Department of Health and Human Services website. The HHS website discloses all health record security breaches that affect more than 500 individuals. 292 such incursions have been reported since September 2009. Examining this data offers us an opportunity to gain real insight into actual security breaches involving patient data.
Download entire article with original graphs and charts.
Andrew Spottswood, of Seattle, WA, is a senior technology consultant and manager with TROI IT Solutions. TROI provides server and IT infrastructure management, system hosting/cloud, desktop support, and IT consulting and project management to clients in the health care industry.