Top Considerations For Cloud EHR BuyersCloud computing offers a speed ramp into the electronic health record highway. But don't overlook critical questions about security, performance, say legal experts at HIMSS.
Cloud computing--that lofty-sounding term that conjures visions of pillow-like, white puffs in a baby-blue sky--is a great option for small practices moving to an electronic health record (EHR). Requiring only an Internet connection, a cloud-based EHR allows practices to access, store, and transmit data without worrying about shelling out big bucks for second servers or other heavy hardware parts.
But before practices take the leap into the skies, there are multiple considerations they need to take into account.
- Automating Hospital Workflows That Maximize Efficiency And Patient Satisfaction
- How Healthcare Payers are using Customer Communications to Improve Productivity and Effectiveness
White PapersMore >>
During a Thursday morning session at the HIMSS12 Conference in Las Vegas, Melissa Markey, a shareholder with law firm Hall, Render, Killian, Heath & Lyman, and Margaret Marchak, the associate VP and deputy general counsel for the University of Michigan, gave attendees an earful of these considerations.
[ See our complete coverage of the most important live event in health IT on our HIMSS Special Report page. ]
For starters, security should be top of mind.
A practice's data is still at risk even if it is not within reach. Remote data centers, which store a practice's EHR data, are not foolproof from data breaches. And the consequences of a data breach, which include government fines, state attorney general lawsuits, and reputational harm, are steeper than ever.
"We're seeing more class action suits," said Marchak.
Practices should make sure to ask vendors the following question, first and foremost: Where is your data?
"It's hard to tell you when you're using your cloud exactly where your data is," said Markey. "Some of the algorithms used for transmitting and storing bounce around. So you may be dealing with international transfers of data unintentionally and you may be subject to some international laws."
And some of those data security laws, such as those passed recently in Europe, Mexico, and India, may be more stringent than the ones in the United States, said Markey.
Next, practices should take their time in picking the right vendor, and check out competitive offerings in the market.
Healthcare providers must collect all sorts of performance data to meet emerging standards. The new Pay For Performance issue of InformationWeek Healthcare delves into the huge task ahead. Also in this issue: Why personal health records have flopped. (Free registration required.)