Healthcare IT Trends: Cloud Computing and Compliance

In 2010, it is hard to find an industry more in the midst of an IT revolution than healthcare. There are a number of healthcare IT trends to follow; but this article will focus on only two: an old favorite, compliance, and a new favorite, cloud computing.

The Health Information Technology for Economic and Clinical Health (HITECH) Act has a lot of words and does a lot of things. But, in terms of healthcare compliance, let's consider the ways in which it makes HIPAA a bit more ornery.

Enforcement: Most people in healthcare agree that HIPAA has not been rigorously enforced. But, although words will never hurt us, in HITECH, new language is meant to make us take notice. "Willful Neglect" is introduced. Though a subjective term, it is assumed to mean that Covered Entities that have a cavalier attitude about HIPAA now take-on an even higher risk. Civil penalties for willful neglect rise to $250,000 and to $1.5 million for repeat violations. State Attorneys General can now bring actions on behalf of State residents. But, if you're more concerned with sticks and stones, HHS is now required to conduct periodic audits of Covered Entities.

Breach Notification: Many States, including Maine, have data breach notification laws. HITECH imposes similar rules specifically on healthcare Covered Entities. The Act requires that Covered Entities notify patients if there is an unauthorized use or disclosure of the patient's "unsecured PHI." If a breach impacts 500 patients or more, the covered entity must notify HHS. HHS will post the name of the Covered Entity on its website. Under certain conditions, local media must also be notified. HHS has yet to define "unsecured PHI." But, most assume unsecured PHI means PHI that is not encrypted. Data encryption may be a Covered Entity's get out of jail free card.

Business Associates: Before HITECH, certain HIPAA Privacy and Security requirements were indirectly imposed on Business Associates through a contract, a Business Associate Agreement. Now, HITECH directly imposes HIPAA Security requirements on Business Associates. In addition to compliance with HIPAA Security, Business Associates must report security breaches to Covered Entities and may be directly subject to HIPAA civil and criminal penalties. Life as a Business Associate has become more challenging. It is even more important for Covered Entities to put their Business Associate partners on notice.

The technology industry often feels cold and overly logical. But every so often, an IT engineer's natural zest for romance molds a confusing concept like Internet Infrastructure into a more poetic mystery, Cloud Computing. Though equally confusing, doesn't Cloud Computing sound more intriguing?

Cloud computing is computing using the increasing web of computers connected by the Internet. The cloud metaphor suggests that if you could step back and look up, you would see a vapor of computer connections and data, rising up and condensing in a cloud of information in the sky. It's an okay metaphor, but to keep it simple, just consider that you compute in the cloud every time you use the Internet to connect to your bank account.

In practical terms, cloud computing means that organizations no longer need to have their own servers, networks, or even data, stored locally, in their own building, in their own server room, or perhaps more accurately, in the old broom closet down the hall. Organizations can store their data in their vendor's building and server room and simply use the Internet to access the information they need when they need it. This will not only free up the old broom closet, it will also free up the old budget.

Think of cloud computing as a technology co-op. Instead of everyone buying their own network, servers, and software, organizations can share technology, and the cost of implementing and maintaining it, with their peers.

Imagine an Electronic Medical Record (EMR) co-op. According to the Certification Commission for Healthcare Information Technology (CCHIT), there are several hundred vendors that currently offer some form of EMR in the cloud. The EMR vendor hosts and manages the software and technology infrastructure; while your organization and other healthcare organizations all over the world pay a fee to use the application. You access the application through an Internet connection. In addition to providing the software as a service, the EMR vendor protects your individual data and likely provides a host of value added services.

Cloud computing has plenty of advantages:

Cost may be reduced and capital expenditures are converted to operational expenditures.
Users can access applications using a web browser regardless of their location.
Data is managed off-site which makes it suitable for business continuity and disaster recovery.
Security is often better because vendors can spend more money, resources, and time on security. Also, HITECH makes most healthcare vendors offering cloud computing Business Associates that must live up to HIPAA Security standards.

Most applications are moving to the cloud. At some point, your organization will have to make a financial decision: Do you invest up front, build your local computing infrastructure, and keep your data local; or do you amortize your investment over recurring monthly charges and keep everything, including your data, "in the cloud?"

Critical Care:
Identify problems before they become failures.

Sign-up to learn about upcoming events.

Preti Flaherty
GoodWill Industries
Alpha One

“You guys really came through for us this weekend. You not only came in on Saturday and helped me with a problem, but then we had a more catastrophic failure. (catastrophic would not be one of your terms). Our system was down: busy week-end, credit cards, file server, you name it. You came back in Sunday, Pronto, which I really needed and got us straightened out. It was terrific! Kudos to Systems" Engineering for doing such a great job.” - Casco Bay Lines www.cascobaylines.com
“If you want it done the right way the first time, these are the guys to use.” - Mark Weatherby, Director of IT, Goodwill Industries www.ginne.org
"They are dealing with other banks and financial institutions so they see things I don’t necessarily see. They understand the needs of financial institutions and they take our needs seriously." - Keith Gosselin, IT Officer of Biddeford Savings Bank biddefordsavings.com
“With Systems Engineering it’s about the relationship. We’ve been burned by other vendors; to them it was more about shoehorning in their products and services into our environment. Systems tries to help supplement whatever you might been lacking; whether that’s manpower or some certain expertise, but they never try to force you into things.” - Mark Weatherby, Director of IT, Goodwill Industries www.ginne.org
“We’ve got a solid network with minimal issues. They do quality work and are a great, dedicated group of people.” - Keith Gosselin, IT Officer of Biddeford Savings Bank
www.biddefordsavings.com
“Systems Engineering CIO outsourcing has helped us align ourselves more closely with our different business units. That’s been a very important transition for us.” - Mark Weatherby, Director of IT, Goodwill Industries www.ginne.org
“These are people who truly care about their customers. That’s a breath of fresh air in this world.” - Mark Weatherby, Director of IT, Goodwill Industries www.ginne.org
“Financially, you could never train or certify everyone on every single product we have here. If we did, my training budget would be 5-6 times larger than it is. That’s where Systems Engineering comes in.” - Mark Weatherby, Director of IT, Goodwill Industries www.ginne.org
“Like other nonprofit organizations with a limited staff and budget, it’s always a challenge; there’s less money for equipment, software, and manpower. Systems helped us by supplementing our staff and providing critical care support." - Mark Weatherby, Director of IT, Goodwill Industries www.ginne.org
"I have a lot of trust in these guys. They’re a key partner because they play a very important part in what we do. Strategically, they’re a resource. Technically, they’re a resource. I look to them to play a key role, not just to be a simple cost center that we’re paying every month to do this or that." - Keith Gosselin, IT Officer of Biddeford Savings Bank biddefordsavings.com
“I’ve dealt with a lot of engineers from different organizations, and these guys at Systems Engineering are just the best. I know whenever they come over to fix anything, it’s going to get fixed. I never had that reassuring feeling with other vendors.” - Mark Weatherby, Director of IT, Goodwill Industries www.ginne.org
“Our services depend on accurate information, delivered efficiently and consistently all across Maine. The people of Software Solutions have always worked hard to get an in-depth understanding of our needs, and to develop systems that make a real difference to our operations …and the well-being of our consumers.” - Agnes Winship, Attendant Services Payroll Manager, Alpha One www.alpha-one.org
"Systems Engineering works with me on my goals. They don’t try and sell me things I don’t need. They don’t push technologies that don’t fit. They listen to me and give me suggestions and recommendations. If they think I’m missing something, they are going to tell me. It’s a partnership that works to achieve the firm’s goals. For us, it’s about building long-term relationships and working together to solve problems" - Darryl Hendricks, Director of Information Technology, Preti Flaherty
"We hired Systems Engineering because we knew that they were an organization that could keep us ahead of the curve. They brought over some very bright, hardworking trustworthy people to help us solve some highly critical IT issues. When it comes to client relationships, Systems Engineering conducts their business in a very similar way to the way we conduct ours. In other words, I feel as if I gained a partner. - Teresa M. Esposito COO/CFO of H.M. Payson & Co.
“We’ve been very happy with their level of support and the knowledge of their engineers is phenomenal.” - Mark Weatherby, Director of IT, Goodwill Industries www.ginne.org
"I don’t know of any other supplier that has the depth and breadth that Systems Engineering has; from programmers, to Cisco engineers, VMware engineers, Microsoft engineers – no one else has that kind of expertise on tap." - Darryl Hendricks, Director of Information Technology, Preti Flaherty
"They have been trustworthy partner and they have helped keep us on task. The relationship allows me more time to do strategic planning and researching." - Keith Gosselin, IT Officer of Biddeford Savings Bank biddefordsavings.com
“We had a thunderstorm hit us on a Friday night. It blew out all our outlets and took out our entire network. Systems Engineering came in that night and worked through the weekend. They had everything back up and running before everyone came in on Monday morning. That’s why I say Systems Engineering gives you peace of mind.” - Ralph Hendrix, COO of Macdonald Page & Co. www.Macpage.com
“I sleep better at night knowing we have a local technology partner with the resources of Cisco behind them. That makes me feel pretty good.” - Keith Gosselin, IT Officer of Biddeford Savings Bank biddefordsavings.com
“We rely on technology 24/7 to be competitive in our marketplace. Years ago, I could give somebody a 13-column pad and a pencil and a calculator, and they were up and running. Those days are long gone. The importance of technology to my business on a 1-to-10 scale is a 10.” - Ralph Hendrix, COO of Macdonald Page & Co. www.Macpage.com

Contact Systems Engineering Today!