You’ve decided to host one or more of your strategic applications remotely or in the cloud. If you’ve gotten this far, you’ve done a lot of due diligence ensuring the application will perform in a remote environment as well as assessing the financial impact of this decision – which hopefully included some efficiencies. With the ink drying on the signed contracts, it may be a good time to consider: Will this live up to the marketing hype as the “easy button” and a panacea for all your IT woes?
As with many complicated questions, and arguably more so with healthcare applications, the answer is, “It depends.” You successfully shifted risk and responsibility to a third-party company, but not everything became their concern. It is important to note that there is still a significant amount of IT responsibility within your local healthcare environment – in particular, the network itself, plus the hosts and the remaining servers and storage that rely on the network.
Computing devices require a rock-solid wired and wireless network to serve as the foundation for accessing applications hosted locally or remotely.
Local network and infrastructure services are critical to the success of your remote/cloud hosting strategy. Before we go much further, we need to remember that your clinicians, schedulers, patient transporters, housekeepers, billers, and other support staff require a computing device to interact with their applications. Even when a virtual desktop environment is part of your hosting or cloud agreement, the local computing resources require reliable and fast network access to that virtual environment. Telephones and fax machines (often the least thought of technology in a medical environment) are commonly fully dependent upon the local network as their primary communication path.
Medical devices continue to rely upon the local network just as they did before.
Medical devices normally have a network interface for transmitting data or images upon which patient care depends. That equipment can include radiology imaging, lab, robotic surgery, pneumatic tube system, pharmacy robot, building security system, HVAC, overhead paging and even the treadmill in the cardiac rehab gym. Common equipment found on the wireless network includes laptops and tablets, computers on carts, materials management equipment, patient translation tablets, device location systems, nurse call and other medical phones, and all manner of clinical apps that run on BYOD devices. None of these systems are replaced when moving applications to hosting or cloud providers.
Moving to the cloud doesn’t replace/reduce the need for networking in your healthcare environment for local computers and devices.
Marketing materials for remote/cloud computing describe IaaS (Infrastructure-as-a-Service), PaaS (Platform-as-a-Service) and SaaS (Software-as-a-Service) as each having a network component, and rightly so. Virtualizing server and storage components requires networking to communicate between those components. Let’s be crystal clear, however, that the networking components inside the hosting or cloud provider’s environment in no way reduce or eliminate the networking components required in your healthcare environment that allow your local computers and devices to communicate.
A thorough network assessment can prevent negative user experiences and scope creep.
The success of your new hosting or cloud project is jeopardized when a substandard healthcare network mars the user experience, or when scope and cost creep set in to put that experience right. You must ensure your organization is positioned to manage and maintain a well-informed network lifecycle strategy.
Risks and responsibilities for the cloud vendor versus healthcare organization
No conversation about the critical nature of the data network is complete without also talking about network security (or cybersecurity). In some cases, the assumption is made that, because the hosting or cloud provider is now responsible for protecting the application and its data, the need for security on the local network is reduced. That is simply not the case. Cybercriminals won’t stop probing your healthcare network. Any data or access gained from local devices allows them to increase the size and scope of current and/or future cyberattacks.
Let’s imagine that it was possible to move all your healthcare applications to remote hosting or the cloud. The current consensus is that most organizations can move 30-60% of their applications to hosting or the cloud due to application incompatibility, licensing, etc. Traditionally, healthcare organizations have even more legacy applications that are incompatible with hosting or the cloud than other industries. But let’s imagine that it was possible to move 100% of your applications to the cloud to see what that leaves us with on the healthcare network.
Looking at the network security components, we see that Identity and Access Management (i.e., usernames, passwords, permissions/access), firewalls, business-to-business virtual private networks, secure remote access, security logging, security information and event management, and business continuity and disaster recovery are requirements both in the remote/cloud environment and on your healthcare network. Public key infrastructure (i.e., certificate management and authentication) is also a component of both the remote/cloud and the healthcare environment. Data loss prevention, with all the data now remote to your local network, is no longer a concern on your healthcare network. End point defense and end point access control (protecting your healthcare computers and devices and governing which healthcare networks they can access) are as unique to your healthcare network as the cameras and badge readers that make up your building security. The chart provides a look at where your organization’s network management responsibilities may lie even in the hypothetical scenario of moving all applications to remote/cloud:
Security Component | Management Responsibility: Remote/Cloud Vendor | Management Responsibility: Healthcare Organization |
Identity and Access Management | X | X |
Firewalls (web filtering, web proxy, intrusion prevention, etc.) | X | X |
B2B VPNs | X | X |
Secure Remote Access | X | X |
Security Logging | X | X |
Security Information and Event Management (SIEM) | X | X |
Business Continuity and Disaster Recovery (BCDR) | X | X |
PKI (Certificate Management) | X | X |
Data Loss Prevention | X | |
End Point Defense | | X |
End Point Access Control | | X |
Building Security and Automation | | X |
We can see that while the remote hosting or cloud provider now has risks and responsibilities for your applications and data, that didn’t eliminate many similar needs on your local healthcare network.
The bottom line
Moving your healthcare organization to remote/cloud computing can have many benefits when careful planning and execution are involved. At the same time, maintenance and protection of your local network and computing devices continues to be critical to the success of your organization even after remote/cloud computing is in place.
It would be more than disappointing for your new hosting or cloud project to be undermined by a substandard healthcare network that leads to a negative user experience, scope and cost creep, and losing out on the efficiencies that sold you on the project in the first place. Your local network and its support personnel are still vital to your success. Fortunately, many options can help you reach the goal of optimized remote/cloud and network management strategies, and it’s best to develop one strategy with a clear understanding of the other.