Cloud migrations promise to help hospital IT teams better manage healthcare data, but migrations are no easy feat. A successful migration to the cloud requires extensive planning and attention to detail in key areas, according to Beth Israel Deaconess Medical Center CIO John Halamka, Beth Israel Deaconess Care Organization CIO Bill Gillis and Johns Hopkins Medicine Chief Technology Officer Dwight Raum.
When looking to begin migrating hospital records to the cloud, health organization IT teams should look to focus on a few key areas:
Uptime and Reliability
Risks like denial of service attacks and natural disasters can keep any CIO up at night. For peace of mind, thoroughly understand a potential cloud provider’s strategy for high availability and redundancy, as well as how it will keep clients informed if an outage occurs, Gillis says.
CIOs must work with providers to ensure the lowest possible network latencies. Consider establishing dedicated connections to public clouds to keep latency rates near single-digit milliseconds.
In addition to having providers sign business associate agreements, request third-party audits to confirm adherence to industry-standard security and privacy capabilities.
Halamka suggests negotiating with potential cloud providers for indemnification against privacy breaches. If talks fall through, consider a third-party cyber liability policy. He recommends coverage of $300 per patient for the costs of a breach.
Thoroughly question cloud providers about how they manage encryption keys. “Each provider handles encryption a little bit differently, so legwork goes into determining what’s best for your institution,” Raum says. “Ultimately, you must decide whether a provider’s policies and methods for key management constitute acceptable risk.”
Ensure that the existing IT staff has the skills needed for managing resources in the cloud. “Put the right people in place and provide them with the training needed for transferring resources from on-premises data centers to the cloud,” Raum says.