Monthly Archives: March 2017

Improving Research with the Cloud

Posted on by

When it comes to fighting disease, it can often feel like an uphill battle that consumes funds and lives without end. While treatment options have improved greatly for diseases such as Parkinson’s, cancer, and heart disease, research methods associated with them have not and have remained largely stagnant over the past few decades.

Now, cloud technology may provide doctors and researchers with better, more consistent controls when it comes to collecting, measuring, and analyzing data. I’ve already discussed the ways that the cloud can assist with medical maintenance and improve patient outcomes through Big Data, but when applied to research, it offers consistency and an easy exchange of ideas.

Cloud computing is a prime example of disruptive technology, and nowhere else is it becoming more apparent than in the medical field, where integration with wearable devices offers access to a wealth of biometric readings in conjunction with easily-shared patient data, further blurring the line between treatment and research. Before this, data was often collected solely by doctors during patient visits, and inconsistent reporting measures majorly hampered the reach and quality of the collected data. The Michael J. Fox Foundation for Parkinson’s Research has tried to leave these practices behind and embrace cloud computing in an attempt to better understand and eventually cure the disease. With Big Data, the Foundation is able to get a better picture of the progression of the disease through patient wearables. Smartwatches allow researchers to monitor a number of biometric readings, including tremor symptoms and sleep patterns.

The Foundation’s CEO, Todd Sherer, Ph.D., remarked on the lack of progress in measuring Parkinson’s, stating that it measurement methods are “largely the same” as they were in 1817, when the disease was first described. In addition to the wearable devices that the Foundation uses, patients are capable of entering notes about their daily symptoms on a web portal as a more consistent substitute for reporting directly for a doctor. The information is then collected on Cloudera CDH, a secure data platform.

Parkinson’s isn’t the only disease that is being tracked through cloud services. The American Heart Association recently partnered with Amazon Web Services (AWS) to create a cloud system to empower scientists and researchers from all over the world to share data with each other. Previous data that has remained unseen for years is now being distributed on the cloud, to the mutual benefit of all organizations involved. While this system requires the people involved to sacrifice some level of self-benefit to provide progress toward a major problem facing humanity, enough researchers have stepped up to make the AHA’s new project a major step forward.

However, the cloud does still offer solutions for researchers interested in preserving their intellectual property. Hybrid clouds, another platform that I’ve discussed before, enable individuals to share data on a public cloud while storing their own progress on a private cloud. Because of this, others are still able to benefit from their research while they pioneer their own findings.

Not only is the cloud changing the way that data is collected and analyzed, it changes the type of data that can be measured. Compilation of genetic data is much more manageable than before thanks to better ways to sift through data, enabling researchers to better compare genomes and find subtle genetic trends that would otherwise take countless hours to detect.

Collecting a large amount of data to leverage through the cloud is part of the ongoing efforts of many research organizations; part of the ambitious Cancer Moonshot initiative is establishing a “data ecosystem” aimed at sharing and analyzing patient data on a national level.

It is exciting to see the cloud being used for medical goals in addition to business goals. From consumer trends to genetic trends, expect to see measurement metrics and data analysis improve substantially over the next few years as this disruptive technology rapidly becomes the norm in research.

Healthcare Compliance—A Short Guide for Businesspeople

Posted on by

When healthcare companies try to achieve operational compliance, expertise regarding physical offices is usually fairly well-known. However, when it comes to online and cloud operations, the requirements are much more obscure. Generally, when we talk about cloud compliance in healthcare, we’re considering ways to drive risk avoidance, increase revenue, and improve patient outcomes. Naturally, these three objectives don’t just apply to technology, but are a good starting point when considering technology plans. Beyond this, the primary objective of any healthcare company when it comes to technology should be data protection for any and all stakeholders, and there are a few ways of going about this.

HIPAA

The Health Insurance Portability and Accountability Act, or HIPAA, is a federal statute mandating requiring adequate security for any healthcare information. Complying with this act is highly important for any organization possessing Protected Healthcare Information (PHI), and can apply to a company even if it only has custody of a small amount of electronic PHI.

This is because the HITECH Act allows HIPAA to cover more businesses; including business associates that aren’t healthcare providers or payers.

EHNAC

EHNAC, the Electronic Healthcare Network Accreditation Commission, is an organization dedicated to helping companies determine whether or not they are HIPAA compliant and assist them with setting up proper information security measures.

Of course, there’s nothing stopping a healthcare company from completing their own compliance assessment, but generally, unless a company already has a large staff dedicated to operational compliance, auditing, and analysis, it’s more financially sound to leverage the services of an existing hosting provider. Note that, if a healthcare company chooses to strive for compliance on their own, they will likely still need a third party to conduct a comprehensive risk analysis.

EHNAC is a great way for companies to provide themselves with a strong compliance framework without the need to hire full-time specialists.

HITRUST

Similar to EHNAC, HITRUST is another organization dedicated to helping businesses meet health data compliance standards. HITRUST is more expensive, but their Common Security Framework (CSF) covers HIPAA, HITECH, and a number of other standards such as ISO, PCI, CMS, and COBIT.

HITRUST certifications are difficult to obtain and even more difficult to maintain given the ever-changing standards of the industry. However, if a company successfully does both of these things, they are guaranteed a good reputation when it comes to data security.

Existing BAAs

BAAs, or Business Associate Agreements, can also be gained from public cloud companies such as Amazon or Microsoft. Unfortunately, these services will not provide you with the compliance measures that you need. For instance, some general utility BAAs will not provide companies with the minimum breach notification as specified under HITECH, leaving the burden squarely on the company to detect any sort of breach. Look for providers willing to assume some or all of the risk associated with compliance measures.