Skip to content

Moving Healthcare Workloads to the Cloud

It’s time for the industry to embrace its digital future.


Antiquated. Inefficient. Struggling to integrate.

These are the words and phrases I’ve heard normally sanguine business and IT leaders in healthcare use to describe the industry’s woefully outdated data management practices.

Consider how this impacts patient care, productivity, and the workload of professional caregivers: Off-site radiologists and pathologists must sometimes travel to a hospital to read images. Overworked clinicians looking to transfer patient records must mail digital copies burned to a CD, or fax them. Or they sometimes can’t access even their own files because on-premises servers, which are often overburdened, can crash, or have legal constraints, leaving medical staff in a bind when that data is urgently needed.

While the rest of the world continues to speed toward digital transformation, the healthcare industry, where I’ve spent my entire career, in both informatics and technology domains, is operating in the horse-and-buggy days. They need to shake the rust off and move to service-oriented data storage, management, and analytics—cloud infrastructure, in other words.

Tanium’s Cyber Hygiene Assessment: An actionable path to better endpoint management and security

Federal requirements, modern communication needs, investor pressure, clinical outcomes, and telehealth demands driven by COVID-19 have made this clear. It’s not that healthcare leaders aren’t aware of the need to embrace the cloud. It’s just that the pace of its adoption has been that of a snail’s. In many ways, healthcare is at ground zero when it comes to cloud migration, facilitation, and operation.

Industry studies, as well as my own discussions with more than a dozen CIOs and CTOs, bear this out: Some 30% to 40% of healthcare organizations consider themselves experts when it comes to building for and using cloud services, compared to around 60% of those in the financial services and retail industries.

While industries like banking have benefited from about a decade of cloud adoption, healthcare has been very hesitant in embracing digital strategies. By now, the reasons are familiar: patient security and privacy concerns compounded by regulatory oversight. Healthcare providers’ primary responsibility, aside from patient care, is to abide by various regulations, including the Health Insurance Portability and Accountability Act (HIPAA).

[Read also: How healthcare providers can defend themselves against ransomware]

And because they often face life-and-death decisions, healthcare providers fear migrating their data to the cloud. They ask, Is it safe? How long will it take? Will it disrupt our patient care? Will I be able to access what I need? These are all valid questions. And in most cases, they can be addressed with good cloud IT, risk, and governance hygiene.

Answers from yesterday

The pandemic has pushed healthcare into a new century. Due to the explosion in telehealth and other virtual-based care applications, 75% of healthcare organizations plan to invest in telehealth this year, according to business consultancy BDO’s 2021 Healthcare Digital Transformation Survey. That’s up from 42% in 2019. An additional 64% plan to invest in electronic health records systems (up from 43%), and 56% plan to invest in patient portals and other digital messaging (up from 50%). 

The federal government has helped drive this effort, providing $27 billion in incentives through the 2009 Health Information Technology for Economic and Clinical Health Act (HITECH), which was part of the American Recovery and Reinvestment Act. HITECH successfully encouraged healthcare providers to adopt electronic health records and improved privacy and security protections for healthcare data. We need a similar stimulus fund today.

Such a program could be the fuel that accelerates digital and cloud adoption. Pre-pandemic, healthcare organizations were dipping their feet in digital data waters. Now, they are much more focused on migrating old technology to the cloud and transforming data and applications. Some 66% of healthcare CIOs surveyed by Accenture say they are in the process of shifting to a cloud services model by migrating existing applications or by building on new cloud platforms.

[Read also: 4 industries that are ready for what’s next]

The healthcare CIOs whom I speak to now recognize that cloud technologies are, in many ways, more secure than co-located or on-premise data centers. In fact, while security was once a knock against cloud adoption, these CIOs now point to security and data protection as their primary objective in adopting cloud technology. That is a welcome and promising change.

The biggest challenge those CIOs face now is in-house—convincing the C-suite of this attribute. Fortunately, they have data to back them up. Experts say that 60% of enterprises that implement public cloud security controls will experience one-third fewer security failures, according to research cited by Accenture in its report The Healthcare Cloud Security Paradox.

The healthcare CIOs whom I speak to now recognize that cloud technologies are, in many ways, more secure than co-located or on-premise data centers.

Of course, business and IT leaders must choose carefully, and with a critical eye to correct cyber hygiene. With so many cloud providers on the market, it’s crucial to make the right selection and find one that can address the specific technical requirements of a healthcare organization.

Some other things to consider:

    • Vendors: Often security failures occur because outside vendors or other business partners aren’t protected, allowing cyberattacks through vulnerable backdoor channels. Healthcare organizations need to question how cloud providers use third parties and business partners, and IT departments must make sure security standards apply to anyone who has access to the cloud network or can get into storage facilities.
    • Cyber hygiene: As the move to the cloud takes place, IT departments must practice good cyber hygiene by ensuring software is updated and patched, network availability is maintained, and a robust backup routine is instituted. If these steps aren’t followed, data can be lost.
    • Migration pacing: Information can’t be migrated all at once. Many systems cannot move large data at the same time because of hardware and network restrictions. Figure out what needs to go and when it needs to go before committing to a migration plan.
    • Endpoint management: The better a healthcare organization manages its endpoints, from laptops and PCs to tablets and printers, the smoother it can run its cloud migration. An endpoint management platform provides critical insights and security.
    • What to leave out: Cloud migration is not an all-or-nothing process. Some aspects of healthcare data, like clinical trials, may be better off securely channeled between endpoints and on-premises servers. Data and apps for other noncritical functions, like finance and administration, may be ideally suited for online storage.

Ultimately, cloud computing is essential for the future health of our healthcare industry. Cloud, with the right security, empowers professionals with a multitude of opportunities that come with the ability to train giant datasets. In the past, this kind of collaboration was used for obscure research projects. But today, it is crucial for tackling global healthcare challenges.

Sanjay Joshi

Sanjay Joshi is chief information officer for healthcare and life sciences at Tanium

Tanium Subscription Center

Get Tanium digests straight to your inbox, including the latest thought leadership, industry news and best practices for IT security and operations.