Cloud computing offers a speed ramp into the electronic health record highway. But don't overlook critical questions about security, performance, say legal experts at HIMSS.
Cloud computing--that lofty-sounding term that conjures visions of pillow-like, white puffs in a baby-blue sky--is a great option for small practices moving to an electronic health record (EHR). Requiring only an Internet connection, a cloud-based EHR allows practices to access, store, and transmit data without worrying about shelling out big bucks for second servers or other heavy hardware parts.
But before practices take the leap into the skies, there are multiple considerations they need to take into account.
During a Thursday morning session at the HIMSS12 Conference in Las Vegas, Melissa Markey, a shareholder with law firm Hall, Render, Killian, Heath & Lyman, and Margaret Marchak, the associate VP and deputy general counsel for the University of Michigan, gave attendees an earful of these considerations.
A practice's data is still at risk even if it is not within reach. Remote data centers, which store a practice's EHR data, are not foolproof from data breaches. And the consequences of a data breach, which include government fines, state attorney general lawsuits, and reputational harm, are steeper than ever.
"We're seeing more class action suits," said Marchak.
Practices should make sure to ask vendors the following question, first and foremost: Where is your data?
"It's hard to tell you when you're using your cloud exactly where your data is," said Markey. "Some of the algorithms used for transmitting and storing bounce around. So you may be dealing with international transfers of data unintentionally and you may be subject to some international laws."
And some of those data security laws, such as those passed recently in Europe, Mexico, and India, may be more stringent than the ones in the United States, said Markey.
Next, practices should take their time in picking the right vendor, and check out competitive offerings in the market.
Healthcare providers must collect all sorts of performance data to meet emerging standards. The new Pay For Performance issue of InformationWeek Healthcare delves into the huge task ahead. Also in this issue: Why personal health records have flopped. (Free registration required.)
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
2017 State of IT ReportIn today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.