What should you pay attention to and what criteria should you consider? That is where this checklist comes in. It helps you finding a health cloud that fulfils your requirements.
One provider defines health cloud as a backend solution for health apps, another as a network for physicians or a communication platform for medical data sharing, another calls an external archive health cloud. The choice is huge and the differences are, too. Therefore, comparing health clouds is hard.
Public, Private or Hybrid Cloud
When it comes to health clouds, we can distinguish between three main types: public, private and hybrid cloud. Accessability, low maintenance and scalability are the main benefits of a public cloud. The biggest disadvantage: You need stable internet access for the public cloud to be always available. A private cloud on the other hand comes with high costs. Implementing and customizing is expensive and scaling can be tough. Moreover, you need a dedicated IT team, making this solution unsuitable for smaller medical practices. A hybrid cloud unites the benefits of a public with a private cloud. It is also more cost-efficient than a private cloud. Sometimes implementation and adjustment might make later changes harder to execute.
All three solutions – public, private and hybrid cloud – offer their benefits for healthcare IT. No matter for which option you decide, data privacy and protection are important with all of them. What health cloud you pick in the end should therefore not depend on the question „Which solution is the most secure?“, but more on the question „Which health cloud fits best to our budget, is easy to implement as well as convenient to modify later?“.
Data Privacy and Protection
You cannot stress data privacy and encryption enough. Most important in doing so: How is personal data encrypted by the health cloud? Thereby it is not only important that the data is encrypted, but also it is stored encrypted – consistent and client-centered preferably asymmetric with a private and public key. The provider should under no circumstances have access to medical data without the consent of the user. Health cloud services provided by health insurances or on their behalf might be disqualified for this reason.
Pay extra attention to the place where the provider stores medical data. Prefer data centers in Europe over those in the U.S. or anywhere else in the world. However, even German subsidiaries of U.S. corporations might be obliged to hand over their user data in some cases. Hence, the place of the data center is not the only criteria to consider when thinking about data privacy and protection.
To be on the safe side, you can choose a health cloud that is certified with a data privacy and protection seal of quality by an independent institution. Check their credentials and their website to ensure that their information is correct and complete, the institution is truly independent and the certification process is thorough.
To integrate the health cloud seemlessly into your medical practice and clinic software, watch out for high interoperability and open standards. The health cloud should have vendor neutral interfaces such as DICOM and HL7, so that third-party providers are able to connect their applications to the health cloud securely.
When it comes to features you should check what you really need in your practice or clinic. Also take into consideration all the features you might need in the short and in the long run. Many health cloud services are able to store and transmit medical and laboratory reports, prescriptions and medication plans or offer online video consultations. However, processing DICOM images and thus offering background services, online tumor boards or second opinions is more complex and therefore only offered by a few health cloud providers. Moreover, you should consider a health cloud that is patient-centered. Then the patients themselves decide who they share their medical data with, for what reason they share it and for how long.
Take a close look at the customer support of the health cloud you consider. After all, you want to feel in good hands and receive immediate and capable help should any problems or questions arise. How qualified are their employees? If for instance one team leader guides a team with more than 30 members, coaching and quality cannot be guaranteed. Or if their is no structured way of internal knowledge transfer e.g. via intranet, knowledge gaps of some employees cannot be closed as easily. It is best to ask current or former customers for testimonials in order to get authentic company insights.