Exclusive article by Joy Efron, Vice President Business Development, ChartLogic
Users of healthcare technology are hearing more and more about “the cloud,” but what is it, and where is it? If you don’t know, you are not alone.
The cloud is a mystery to many people, perhaps most. It is some new-fangled thing IT professionals concocted, right? It is the latest, greatest, super duper, all-powerful, all-mighty . . . what exactly?
Admit it, if someone could explain the cloud in simple terms and in less time than it takes to read a typical email, you would feel better and more enlightened. The references you so often encounter would finally make sense. So, here goes. Stay with me, continue reading, and I promise, in three minutes or less, you will understand.
It used to be that software of any sort was purchased outright by a medical practice, for a not-so-small sum of money, and owned in perpetuity. An additional, lesser sum of money, paid on an annual basis, assured a medical practice the software would be maintained in good working order and periodically updated with new and enhanced features. And if the initial burden were too great, a medical practice could seek an outside source of financing that allowed for monthly installments under a lease arrangement, with a requisite interest fee.
Now, the industry is turning to a software-as-a-service (SaaS) model, whereby a medical practice uses software on a pay-as-you-go subscription basis. The software is no longer owned in perpetuity, and the matter of an up-front investment has all but disappeared.
These new SaaS-driven financial terms coexist with a major shift in the technical manner software is made accessible. No longer is software installed on a machine (server) that resides at a medical practice; and no longer does it run on a local area network that connects all the computers at a medical practice. A SaaS model harnesses the power of the Internet, and more often than not, this means data is stored in “the cloud.”
So, when you hear of software in the cloud, what does this mean, and how is it beneficial to you?
In the simplest terms, cloud computing involves storing and accessing software and data over the Internet as opposed to a physical machine (server) located at your office.
With a cloud-hosted solution, you don’t have to install, configure, test and secure dedicated hardware and software, nor do you have to continually back up, update and maintain it.
Cloud computing eliminates those tasks, which means you don’t incur the time, manpower or expense associated with them, and your IT resources are available to address more pressing concerns.
Plus, the cloud is everywhere, offering the ultimate in mobility and convenience. You are no longer confined to your office. You can access cloud-hosted software 24/7, anywhere that offers Internet connectivity. A Cloud-hosted solution is always ready to use, whether you’re at home, a hospital, satellite clinic or traveling.
How do you ensure the safety and security of your data, and all matters concerning HIPAA compliance?
Cloud computing, by design, provides the highest possible level of safety and security. A Level 3 or Level 4 colocation data center equipped to serve healthcare technology vendors ensures maximum technical, administrative and physical safeguards.
If considering a cloud-hosted software solution, be certain to verify the following colocation data center attributes:
- Adherence to healthcare and technology standards and regulatory requirements, including:
o HIPAA/HITECH,
o FISMA,
o ISO/IEC 27000,
o NIST 80-53,
o ITIL, and
o US-EU Safe Harbor Privacy framework.
- SSAE 16 and ISAE 3402 Service Organization Control (SOC) 1 Type II, SOC 2 Type II, and SOC 3 reports.
- End-to-end SSL protection with 2048-bit or greater key strength encryption for data in flight and at rest.
- Firewalls and other network communication boundary devices.
- Anti-virus, intrusion and vulnerability prevention (from attacks, IP spoofing, port scanning, packet sniffing, etc.).
- Continuous monitoring for optimal performance and availability.
- Two to three times redundant environment.
- Backups and replication with automated failover.
- Six or more Internet connections from multiple geographic locations.
- Two or more utility grids.
- Physical security 24/7.
- Cabinet/cage, perimeter and ingress points monitoring.
- Video surveillance with minimum 90-day retention.
- Badge and biometric authentication.
- Logs and audits.
- Automated climate and temperature controls.
- Fire detection and sprinkler systems.
- Generators and inline UPS.
- Quake resistance up to 7.8 RS.
The author, Joy Efron, is Vice President Business Development at ChartLogic.
ChartLogic has been developing and delivering healthcare technology solutions since 1994. The company offers a full ambulatory EHR suite, including electronic medical record, practice management, revenue cycle management, e-prescribing, patient portal and more. ChartLogic is known for its proprietary command-and-control methodology that seamlessly and intuitively integrates voice recognition to the entire electronic charting process. ChartLogic was the first vendor to achieve ONC certification as a complete ambulatory EHR in support of the government’s meaningful use incentives program. The company is based in Salt Lake City, Utah, and is privately held. For additional information, visit www.chartlogic.com, or call 888-337-4441.