The benefits of analytics in healthcare are compelling, and big data is fueling this with increasing quantity and quality of patient data with potential to enable major improvements in evidence based medicine, ultimately enabling greatly improved quality of care.
Combining this with cloud computing enables healthcare to rapidly realize benefits with less initial capital investment, more of a pay-as-you-go financial approach, and much greater agility, amongst other benefits. However, privacy and security are major concerns and an impediment to many healthcare organizations realizing these benefits. Further, legal and regulatory compliance challenges abound, from national to state level regulations, and across verticals and different types of data.
I had the privilege of moderating and participating on a workshop panel filmed at HIMSS 2013 in New Orleans with a group of leading experts:
• Nicole Martinez, Director of Nursing Informatics, Robert Wood Johnson University
• Brian Balow, Partner, Dickinson Wright PLLC
• Dr Khaled el Emam, CEO, Privacy Analytics
• Kim Singletary, Director of Technical Solutions Marketing, McAfee
See highlights of our workshop panel at the video above.
We discuss frontline healthcare workers real experience with analytics, the compelling benefits, common challenges, and practical solutions encountered in implementation. We also discuss the regulatory and legal landscape, and practical strategies for compliance.
A multi-layered approach to security emerges in our discussion as a best practice to mitigate risk, and we discuss several key security safeguards including risk based de-identification, tokenization, encryption and various administrative security controls including policy, effective training, audit and compliance, and contracts and plans with Business Associates.
We also discuss results from a recent HIMSS global research survey of frontline healthcare workers, highlighting challenges with IT department responsiveness and flexibility, the usability of solutions and security, and how usability is much more than a “nice to have”, having real impacts on compliance and risk where healthcare workers are compelled to use workarounds.
Based on this research we pose and discuss the pertinent question: “If we are going to secure our data in the cloud, which cloud is the data in?” We discuss how this research shows that the use of workarounds by healthcare workers can drive sensitive healthcare data into “side clouds” outside of the control of the healthcare organization, where it is at increased risk of confidentiality / breach, integrity, and potential trans-border data flow issues.
Last but not least, we discuss how usable hardware based security solutions can enable strong and usable security that avoid compelling healthcare workers to use workarounds, thereby improve compliance and reduce risk, and ultimately help ensure sensitive healthcare data stays in clouds where it is supposed to be, within the control and effective security of the healthcare organization.
What kinds of benefits, risks and practical solutions are you seeing with healthcare analytics in the cloud?