The world’s computers contain massive amounts of health data. Three out of every ten data storage systems are within healthcare. One patient creates nearly 80 megabytes of electronic protected health information (ePHI), including electronic medical records (EMRs), images, and other confidential data. In other words, this industry is the realm of big data – huge quantities of data, both structured and unstructured, that can be mined by organizations and studied to their benefit, but that is so voluminous that it is challenging to process it through traditional program and database methods.
Simply from a standpoint of how to handle and understand it, this data can be the source of many headaches.
Regardless of whether big data can be overwhelming, understanding and using it is a huge point of focus for those within the healthcare information technology (HIT) field – as it should be. The data has clear values to healthcare firms from numerous perspectives, not just in lowering costs but also as clinical information and as fodder to improve operations. Just to look at the first of those, McKinsey estimated the total worth of healthcare big data (in terms of the insights it could provide, its “data-related value”) at greater than $300 billion.
The right approach to healthcare big data
A report in Catalyst NEJM suggested that analyzing this information with better data analytics was crucial for healthcare organizations, and that investment in internal data science experts was necessary to maintain independence with information that would ultimately be used for its innovation and to determine its strategy.
The authors of the McKinsey report, Basel Kayyali, Steve Van Kuiken, and David Knott, noted that analyzing big data allows organizations to develop more patient-focused, holistic approaches, centering themselves squarely on finding the best treatment outcomes and lowest costs. The researchers suggested five different value pathways (really aspects to optimize) that healthcare firms can consider when they are looking at their systems and determining what technologies would make sense to better leverage the digital world:
- Making the most of day-to-day behavior – It is important to get your patients to take steps to improve their health when they are not at the office. Providers and others can deliver value by helping patients make the right decisions on how much they work out; what they eat; their sleep quality; preventive methods; drinking and smoking habits; and other behavioral aspects.
- Putting together the most effective treatment – Patients should receive therapies as quickly as possible (i.e., when they need it). They should also be treated with the most safe and effective modalities available. Quite a bit of high-quality and consistent treatment is about the facility having strong policies and procedures implemented. Care requires integration of perspectives; all caregivers should see the same data and have the same core objectives to avoid unnecessary redundancy.
- Matching the patient with the best possible provider – Any healthcare practitioners who provide care to the patient should have experience and be able to provide treatment that leads to optimal results. Rather than thinking in terms of their titles, these individuals should be chosen based on what they know. For example, a doctor does not always need to perform therapies for which physician’s assistants and nurses are trained.
- Delivering the best possible value – Both health plans and providers can intelligently cut their costs while maintaining or enhancing the quality of care. One way that could be achieved is by creating a system that links the outcome of patient treatment to the amount providers are paid. Another is a campaign to rid the organization of unnecessary expenses.
- Innovating wisely – Everyone in the industry should be concerned with finding novel and groundbreaking methods to treat patients and better deliver services. Beyond innovation itself, the system through which innovation arises should be strengthened. One way to bolster treatment is to work on clinically researching medicine through studies and by improving the output of internal research & development efforts.
Changing role of the data center
All this concern with big data is not lost on healthcare companies. Often data silos exist, slivers of information that lie outside the context of the real-time moment. Yes, information can be utilized to better financially streamline the organization and drive the best treatment. However, as indicated previously, simply organizing and managing big data is difficult. What organizations need in the digital world is a straightforward, coherent, easy workflow that can send data from one site to another and throughout different types of environments in a way that is HIPAA compliant – particularly in the form of privacy and security protections.
What this development means, essentially, is that organizations are paying significantly more attention to data centers; in turn, noted Gartner, data center professionals are driven to innovate and be as flexible as possible so that they can outperform the competition.
While the data center has previously been considered in terms of its expense, it is now central to making sure that patients are getting the right treatments that are of the highest quality; to avoid regulatory fines; and to create collaborative and educational connections. Previously the stakeholders concerned with the data center were the IT department, security professionals, and facilities personnel. Today more people are involved: doctors and nurses; health information management heads and chief medical officers; and directors of safety, sustainability, and compliance.
The model of viewing the data center is one of stable function, noted Gartner managing vice president Rakesh Kumar (in a separate Gartner report) – with features such as multiply redundant (with all elements backed up repeatedly), highly reliable and available systems; traditional management of vendors; clearly documented protocols to drive and monitor the introduction of new systems, and organizational structures that are divided into segments. The modern data center should instead be viewed as a factory and laboratory, suggested the report. It should process data like a factory. It should innovate like a laboratory, through data analysis.
Security as paramount for healthcare IT
To get that factory and laboratory active requires a compliant and secure setting.
Unfortunately, the implementation of different new technologies has grown faster within the healthcare field than has the deployment of sufficient protections for privacy and security, noted a 2016 study from the American Journal of Translational Research. Because of the adoption of new technologies, incredibly, the authors mention that more attack surfaces were emerging within healthcare than in any other sector.
While people involved in healthcare IT often talk in terms of HIPAA compliance, the concern with meeting federal requirements is only part of the risk. There is additional risk simply in the threat of an attack, the possibility of hackers encrypting all your data and demanding a ransom, or otherwise costing your organization huge amounts of money.
It is, after all, about money: cybercriminals are targeting healthcare simply because the data is valuable. It is not just valuable on the black market but to the healthcare entity as well: the per-record cost when data is stolen is $363, per the study – higher than any other economic segment. The comprehensive cost of a breach is $2.1. million, according to 2015 figures. Strong security is about managing your own vulnerabilities.
The good news is that many of the risks to healthcare data have to do with weaknesses that are already understood. The concern, then, is to bolster individual awareness so that security is prioritized.
Your compliant health IT hosting partner
Awareness is one thing; to embrace the digital world, you also need a system that is carefully designed and monitored, with appropriate technological safeguards deployed in the data center. At Atlantic.Net, our HIPAA compliant healthcare hosting is SSAE 18 SOC 1 & SOC 2 (formerly SSAE 16) certified and HIPAA & HITECH audited – redundantly third-party verified to meet strict security parameters. See our HIPAA managed hosting.