When discussing the cloud in relation to the healthcare industry, there is a necessary differentiation that must be made between companies that provide service directly to patients and the businesses that exist to help support those direct-to-consumer organizations. Today we’ll focus on the latter group and discuss some of the things those businesses need to think about with regards to cloud computing and the value it can provide.
Service providers to healthcare organizations don’t consume cloud in the same way as other industries: they don’t tend to be burstable or to need to tackle the problem of explosive traffic. Companies that are providing these value added services to healthcare providers font have the same needs or dynamic run loads, or any issues that are particularly poignant in the start up or the media industries where cloud cloud is leveraged to facilitate so much against the core application’s requirements.
Healthcare servicing companies’ main challenge is related instead to how quickly they can bring their customers to service. And this issue in particular is where cloud can become a powerful tool and a major differentiator. Two or three years ago for some of these providers (mainly SaaS) to take on a larger client and provide the offerings they needed, it wouldn’t be a matter of week – instead clients would be looking at getting fully up and operational in a matter of months to get services built, processes in place,be racked stacked and fully operational. It wasn’t a quick practice.
What contemporary SaaS providers have really taken to heart with the cloud is they can create very repeatable processes, virtual segregation, and very robust networks without requiring a lot of superfluous overhead, or gear. The big requirement here is expertise to better deliver on the dream of cloud for these types of customers. That’s where a an agile MSP may be the best choice for large state-licensed SaaS providers, or where a service like AWS may solve it for other healthcare clients. At the end of the day, for these clients, it comes down to how quickly they can turn around their product to their clients. Because when all products are the same and the client pool is a limited , speed to service is the main factor that will keep your current customers coming back and bring new ones to your offering.
Looking into the future, as we get more of these SaaS providers consuming cloud (building private clouds, and to some extent services in public cloud) what we will see is the gap between SaaS models, in terms of deliverables to clients, will shrink. The next hurdles that will become more prevalent are:
A) The feature set: If it solves, in order of magnitude, more problems the healthcare client has (compared to their competition), then its going to be a more relevant product.
B) The absolute quality: In terms of software quality, quality of product itself and ultimately the quality of how well it works for the client as a function of how well the infrastructure is architected for that SaaS provider. So that’s where a truly good MSP really have become a trusted partners and build solutions for their clients that are absolutely bullet proof and don’t fail to ensure delivery of service to their clients (and their client’s clients) that speaks to quality from end to end.
Its important of course to consider that pitfalls that MSPs are bulletproofing against.
HIPAA, the standard bearer of healthcare IT compliance, is one small facet in security – it’s a great guidelines and best practices, and MSPs really must show you that they adhere to it to remain relevant as a cloud provider. With any compliance, the premise provides a layer of process so that if you have a breach, accountability is easily achieved.
But that is such a small scope in terms of quality of service. MSPs need to not only adhere to HIPAA, but also to help those clients adhere to other all other industry standards, because, at the end of the day, the more you do proactively, the more you plan for and mitigate against, the smaller your chance of a breach. When you are doing that much and you’ve done everything you can possibly do to achieve compliance and security, when that breach does happen, the time it takes to understand is much shorter. You can be more transparent about how the breach happened, so you can communicate it to your clinets faster (and they to theirs). It becomes easier to contain, less impactful from a financial standpoint in terms of fines leveied against your organization. Compliance and security really comes down to risk mitigation.
What healthcare supporting service providers need to look for is an MSP who has a good understanding of the regulations, the technology, and can deliver a produc that does not create problems for usability in favor of security. There is such a thing as being too secure. The old joke in the 90s was “How do you secure a windows computer?” The standard reply was “You unplug it.” Though an oversimplification, there are aspects of this joke that still ring true today. You need to find a provider that understands what security and usability really are, and how they marry those competing directives to one anoher will determine if you should sign that contract.
By Jake Gardner