With the upcoming Cloud and Healthcare summit scheduled for a few short weeks from now I thought I'd post a bit within this important area that affects so many of us directly.

PHI (Protected Health Information) and PII (Personally Indentifiable Information) are essential security and privacy components of the new HITECH changes in HIPAA that are designed to protect information the government deems private and therefore protected.

What is new about all this is that the new regulations are tied to driving efficiencies in healthcare - partially through more efficient access to patient information or what is referred to as EHR - "electronic health records".  The trick of allowing freer access to information while still managing to adequately protect it is the cornerstone of this regulation. Embodied in the regulation are also "breach" notification requirements which requires healthcare entities to share breach information.

What does this have to do with cloud? Well that depends - cloud provides an ability to look at the efficiency problems of healthcare in a different way:

- Instead of building and maintaining their own Infrastructures - use the cloud. This reduces costs by shifting capital $'s to operating budgets and the cloud providers also provide the technical expertise allowing a heathcare provider to focus on heathcare and less on information technology.

- Look at Software-as-a-Service as a way to augment existing information technology and provide a way to ramp-to-the-cloud. Many existing applications are finding their way into the cloud as companies like Microsoft, Google, and Amazon try to atract healthcare developers. Products like Meditech and PACS Workstationare already accessible and usable over the Internet with many more being adapted and designed to inter-operate with other SaaS services. SaaS allows the provider to remove the requirement to manage and maintain the applications and infrastructure and having access to applications such as EHR or PACS subject matter expertise.

- Convert the existing data center facilities to a "private cloud" leveraging virtualization and technologies technologies. While this doesn't remove the ownership of the infrastructure from the provider it does allow the provider to maximize the efficiency and availability of the existing systems while keeping all the systems and information in-house.

- Consider a hybrid system - that puts the management infrastructure in the cloud while keeping the data inside the providers walls. This increases complexity and may be more costly than a SaaS pureplay yet may alleviate patient PII and PHI concerns.

The bottom line is this is a great time to look at ways to drive efficiency while protecting patients. Come to the Silverlining Cloud Healthcare summit on Ocotober 23rd to ask questions and meet some of the folks who are experts in Healthcare who have or are going to use the cloud to manage some of their information infrastructure.