Comments on: Verizon Prescribes the Cloud for Medical Records

By: Mobile Healthcare Has Ills But the Prognosis is Good: Mobile «

Mobile Healthcare Has Ills But the Prognosis is Good: Mobile « — Tue, 09 Nov 2010 14:53:12 +0000

[...] iOS, etc.) are major players in the mobile technology segment, they are not as important to healthcare research as the cloud. Access to medical information online is driving medical uses since it can provide global access to [...]

By: The Cloud Cozies Up to Healthcare

The Cloud Cozies Up to Healthcare — Fri, 13 Aug 2010 21:25:05 +0000

[...] size of this potential market, vendors are rushing to bring EHR solutions to market. Last month, we covered one offering from Verizon, and Google has a similar pilot project it began in 2008. And last [...]

By: Stacey Higginbotham

Stacey Higginbotham — Thu, 12 Aug 2010 02:43:15 +0000

I asked Verizon if HiPAA was the reason it wasn't hosted on its cloud. It told me that it ran this service on dedicated infrastructure because the multi-tenant nature of the cloud service violates privacy and HIPAA regulations.

So if this is wrong (I am not a HiPAA expert nor a sys admin) then Verizon is wrong, although perhaps there are other reasons that it decided to host this service in the manner it has, that it didn't want to explain, and so it used HIPAA as an excuse.

By: Alexander Lopez

Alexander Lopez — Fri, 16 Jul 2010 18:32:49 +0000

Once we get physicians onboard with the idea of Practice Portability, which means moving medicine into the cloud, the stage will finally be set for the modernization of physicians practices and the industry as a whole. It's great to see such big players like Verizon and Google, among others, making big investments in the field to really drive some innovation in healthcare.

By: Alexander Lopez

Alexander Lopez — Fri, 16 Jul 2010 18:23:55 +0000

Alexander Lopez blog.carecloud.com

By: Verizon debuts nationwide health information exchange – SearchCloudComputing.com : ASHIM

Thu, 15 Jul 2010 17:03:08 +0000

[...] Healthcare Debate: Data Privacy and SecurityHuffington Post (blog)PR Newswire (press release) -GigaOm (blog) -CMIOall 43 news [...]

By: FCC To Propose Spending $400M to Connect Rural Docs

FCC To Propose Spending $400M to Connect Rural Docs — Wed, 14 Jul 2010 23:32:56 +0000

[...] Verizon Prescribes the Cloud for Medical Records [...]

By: Verizon Prescribes the Cloud for Medical Records | MateMedia

Verizon Prescribes the Cloud for Medical Records | MateMedia — Wed, 14 Jul 2010 22:49:19 +0000

[...] GigaOM Categories : Business, Cloud [...]

By: Pete L

Pete L — Wed, 14 Jul 2010 18:16:43 +0000

"Verizon isn’t using it’s actual cloud computing infrastructure, however, to host the exchange because the multi-tenant nature of the cloud service violates privacy and HIPAA regulations."

As someone that has actually managed IT and software development in the healthcare industry for many years and navigated all sorts of regulatory hurdles, I think you are wrong on this point. HIPAA is not even remotely technically prescriptive, certainly nothing that would allow you to make these sorts of bold assertions and I'm aware of no other privacy regulation in the US that would make this illegal. Furthermore, multi-tenancy is not inherently insecure, particularly not if designed for security. Your bank, for instance, stores your transactions in the same database tables even as many other customers and yet offers a level of security greater than almost any on-site EMR system at a physicians office or hospital. Likewise, millions of EDI transactions containing PHI are transmitted over the internet and used in massively multi-tenant configurations routinely for years (see WebMD, Zirmed, etc).... about all HIPAA has to say on the matter is that it uses some form of encryption.

You are hardly to first, but I've seen too many people blindly repeat these sorts of claims without doing any research of their own (of course, self-interested vendors, consultants, and others promote mis-information to peddle their wares).

FYI-The greater privacy issue, to my mind, is having vast quantities of PHI available online in a commonly accessible (mono-culture technology/access methods) and trying to balance ease of access by multiple clinicians with tight security. These are not inherently insurmountable obstacles and, further, would probably be best managed in a few (read: multi-tenancy) systems, where they can be stored in proper secure datacenters with full-time professionals, versus tens of thousands of separate systems staffed by consultants, part-timers and IT generalists in backoffices around the country.