Featured
Is there a dark side to cloud computing?
The other side of cloud computing
Cloud computing is all the buzz these days! Various entities are jumping on the bandwagon, touting its virtues. It is the next great thing. Well, in attempting to understand cloud computing, I discovered it still is in the process of being defined and comes in many forms and varieties. If there is still a lot of vagueness to a concept, what is one jumping to?
In terms of healthcare, rapid adoption of cloud computing is a mine field waiting to happen. If EMRs were to go in this direction, I have the following questions:
1. Who actually owns the records?
2. Where is the physical location of the records, since by definition they exist in a virtual space?
3. If EMR is a service, what happens if the service ends? Does the clinician lose those records?
4. What happens if the service cost becomes prohibitive, does the clinician get the records back?
5. Who is responsible for breaches in the cloud computing environment, the clinician or the service provider?
6. How can the clinician be sure of the integrity, security and privacy of the cloud computing service?
7. Who regulates cloud computing?
8. With such a vast network, how can a cloud computing provider prevent a hacker from breaches?
9. How fast can cloud computing handle bulk scanning of medical records?
10. What happens when the internet connection fails? How does a clinician access his/her records and chart then?
These are just a few of the important questions that still need to be answered. I certainly won’t be the first to venture into this arena, until some serious bugs are worked out on the design and implementation. With federal breach penalties and fines approaching $1.5 million and prison time, I’m going to let someone else be the guinea pig.
Call me old fashion, but I still like to have the records in my possession, albeit in server form. By owning the server and the data therein, no one can take away my records (provided it is backed up). If the internet goes down (which it has), I can keep on charting via the direct connection to the local server. I can also perform high speed scanning directly to the local server at high capacity. Even when power has gone out in the building, I could keep on charting due to the backup batteries. There is nothing worse than having no charts when one is seeing lots of patients or having your business support staff grind to a halt.
Don’t get me wrong, I’m all in favor of technology and progress. I do think that we need to act cautiously as technology advances to make sure it doesn’t compromise healthcare’s integrity and security. Patients and providers get very nervous if this is eroded in any way. I will be the first to embrace advances in technologies when they have a proven track record of user friendliness, security, privacy and well defined ownership. These were high on my list when designing and implementing ChartShare.
I’m very new to EMR but I’m sold on your approach to this. There’s tall grass here.
As a user interface designer, I am tasked with solving end user problems and sending the solution to software engineers for implementation as code. Now that the market is flooded with cheap cloud computing resources, lots of vendors are popping up selling software services like financial management (Mint) and data backup (Jungle Drive.) Some make sense, but some are worth being concerned about.
For example, consider an EMR delivered via the web. If the data is sent via the web to a remote data storage facility, there’s not only the bandwidth bottleneck to contend with (diagnostic images won’t exactly be small files), but there’s the undeniable fact that the data is no longer in your hands. Indeed, who regulates the cloud? Sure, it’s possible to encrypt data in transit and transmit that data via secure networking protocols. Yet, for all the VPNs, firewalls and intrusion detection systems in a Fort Knox data center, any data transferred offsite is still offsite.
For that reason alone, an EMR application served on a secure local network, on hardened local servers, is the most practical implementation. It gives doctors this new technology that can help them, without taking away, letting them benefit from information technology but still retain physical control and ownership of their medical records data. Plus, the local connection will let office staff continue to work instead of watching upload progress bars pack.
It simply isn’t practical to expect physicians to adopt an EMR software that forces them to change the way they handle patient information, let alone defies them to even use it.