Government
SaaS a big winner in health stimulus
Mar 8th
One conclusion I was able to draw from last week’s HIMSS show is that Software as a Service (SaaS) is the only way clinics and small medical practices are going to get health IT in time to collect that sweet, sweet stimulus cash.
From big SaaS companies like AllScripts to smaller ones like Practice Fusion, the buzz was electric and the lesson obvious.
(Practice Fusion CEO Ryan Howard is shown at his HIMSS reception last week. He’s expecting a better year than the Phillies slugger of the same name. Which is saying something. (Then again, I’m a Braves fan.))
Most large hospitals have their solutions in place, or are in the process of implementation. This vendor relationship may be the most important thing on a hospital CEO’s plate right now.
From what I gathered on the HIMSS show floor, most of these vendors are lining their customers up to collect cash on investments made long ago.
Collecting on the 2011 meaningful use guidelines, watered down as they’re expected to be, will be fairly simple, and lobbying by both hospitals and vendors could water down the 2013 and 2015 guidelines so they don’t have to spend anything above current plans to collect on them.
Many small practices have been assuming that the hospitals will bring them their health IT. Admitting privileges are a powerful weapon. If the hospital mandates you go with McKesson, you may have no choice.
But small practices may well ask, what’s in it for me? Going with the hospital’s IT solution only ties you closer to the hospital. You have your clinic because you want to stay independent. And many hospital systems were not really designed to scale down.
Thus, SaaS. There is little up-front expense, no server in the closet. You can back up records overnight with Carbonite or a USB-linked hard drive — you can backup 2 terabytes at Costco now for under $300, including software.
SaaS vendors can scale quickly thanks to cloud computing. The biggest problem may be assuring clinics that their broadband connection won’t go down mid-day. But a lightweight version of the software, again on a nurse’s station, can handle that eventuality.
Services like SharEHR claim to require no training while others like Practice Fusion cost nothing thanks to ads. If the hospital demands your records, you can talk to them about that later.
Contrast that with the cost of putting in servers, wiring your office, training your staff, and learning it yourself, which is what many EHR vendors were offering clinics just a few years ago. The horror stories from that are many.
Personally I am still waiting for the glorious tech revolution to strike the doctors I use most often. My pediatrician has a PC on his desk to help with billing, but the kids’ records are still on paper. My internist is also paper driven. My dentist is a computer hobbyist but still brings out a file folder each time I visit. Last time I got new prescriptions I still drove them to the pharmacist.
This tells me there is still an enormous opportunity to automate small practices, but 2011 will be here before you know it and the only way I can see them going is to buy it as a service, stimulus cash or no stimulus cash.
Related posts
Cloud computing at RSA: It’s not all fluff
Mar 5th
he RSA Conference invited several guest speakers to talk about a variety of topics surrounding cloud computing, including security, value propositions and cost savings to consumers and IT departments which want to reduce costs of information storage. Guests offered various views on scalability, security risks and efficiency models that indicate that there are significant value added services that can reduce IT costs dramatically.
For consumers, the decisions of IT services used by various sized businesses convinced into using cloud computing affects how cloud information and products are used, and how the vendor manages and protects information that potentially exposes you to events beyond your control. Businesses recognize these potential risks and are aware of impacts they may bring upon themselves if cloud computing services are vulnerable.
The evidence is clear – networks are hacked into everyday. Credit card information, transaction records, bank account information, personal identification records, etc. are retrieved through network intrusions regardless if they are stored in managed private networks or outsourced to public cloud based providers. So what makes sense to implement?
Value propositions of shared infrastructure costs spread over a number of customers at a central data center repository suggests that there are significant savings to be had by entering into Cloud based network services. Cloud computing offers different architecture designs, some are good and some are poor. Those that are enabled with shared data drives, network switches, routers, firewalls, intrusion detection systems and VPN domains and hardware should be thoroughly reviewed and analyzed during your service provider review. Consumers have little choice — and little knowledge of how CIO’s and IT departments make these choices.
The components involved in making such decisions are pretty basic, yet continue to be immersed into classic Fear, Uncertainty and Doubt (FUD) debates. Network hacking and intrusions into large network infrastructure such as Google, Intel, Yahoo, and financial data centers are everyday news.
Should something go wrong…
Are the advantages of Cloud computing compared in-house management of data worth the risks or not? Are the financial savings gobbled up in tarnished image and damage control? There are white papers offering several views on the subject here on ZDNet. You can decide from a technical merits perspective if the human and hardware costs savings can make a difference to your IT budget. These key benchmarks of return on investment can be categorically stated and offer ‘reasonable’ accuracy in financial reporting terms.
What cannot be put into the financial statement or projected costs savings are the unknowns in your company’s brand protection should something go wrong. Other considerations are litigation, insurance (risk) costs, and other service liability claims that could arise.
Soon to be a part of the equation are privacy and document responsibility protection costs that are not possible to calculate because the laws concerning how you protect your customer information are in a state of flux — and tort reform is not likely to be addressed in the near future. The more information is stored in central repositories where information about you is collected and used from single source environments, the more risk is taken upon by the provider of cloud computing suppliers. In a business environment that currently is experiencing difficult cost saving exercises, cloud computing is a potentially attractive option. In the current political environment the old business mantra of: ” too big to fail” is no longer true. Just ask GM, Lehman Brothers, and just about all pension funds. Today, a lot of companies have significant IT costs that potentially hinge upon whether or not they become the next dead, nearly dead, or put on life support entity. This may trigger how much risk a company undertakes managing information and intellectual property.
Consumers in many ways have simply become numb to it all. It’s almost acceptable that it is going to happen and why fight it. The tolerance level appears to be very high to potential impacts to an individual’s information. But how much more are people willing to take before it’s too much – let alone too late to fix? The tolerance to credit card fraud has been acceptable in the past because the consumer has never been liable for damages. But as people become accustomed to electronic health care records, personal profile data and purchasing history becoming intermixed and interconnected, that may change how much risk and tolerance consumers are willing to put up with.
Even Google is vulnerable
It was OK when it didn’t happen to you, but when it does, the tune suddenly changes. Data centers that are operated by third parties invite more than just criminal intent, including government oversight, profiling, personal attack, manipulation and legal litigation that may wind up being more expensive to you and the company that entered into a cloud computing service than realized. In fact, I would suggest that cloud computing service providers like Google are exposed to legal and financial risks that could lead to their demise.
In the United States, government agencies like DOJ, FTC, FITC, FBI will be of no help until after the fact. They simply pick up the pieces after an incident occurs. There are no regulations or federal guidelines that are enforceable in a cloud computing environment prior to commencing service. The privacy and criminal laws are not certification or compliance elements. ISO standards and other litmus tests are not mandatory, nor are they sanctioned by any government agency. In some countries, like Canada and Australia, there are requirements with respects to privacy and information security to be in compliance with concerning management of information, but not how they are physically stored within a cloud provider’s infrastructure. Insurance companies are just beginning to learn how to offer product liability products concerning Cloud service providers and they will require certifications like IS0 27001 and SAS70 reviews.
Of particular concern is access to information by government authorities. By hosting your information with third party entities, you may not be even aware of search warrants and monitoring by government agencies and this creates potential vulnerabilities that are not only beyond your control, but potentially damage your company’s credibility - permanently. Processes, policies and jurisdiction issues are upcoming hot spots creating significant legal and ethical questions that are not transparent. Service providers can stress that they have the best security and controls in the world. They are no good to you as a company or individual when the authorities knock on their door and you don’t even know.
Criminal and intelligence communities’ attraction to attack such a valuable commodity will always be in demand. Consumer sympathy, complacency and tolerance will collide and cannot be relied upon for recovery. Cloud computing is an appropriate description for such services. CIO’s and consumers need to understand that SOME clouds may look like nice fluffy places to park your data, others but they can turn out to be towering cumulus clouds emitting thundering lightning bolts that eventually hit you, maybe more than once, and leaving nothing behind.
Related posts
Cloud Computing: Will It Be Government’s Venus Fly Trap? Gartner
Mar 4th
The cryptographer’s panel at the RSA conference is always my favorite part. At this year’s conference, Ron Rivest (the R in RSA) made a comment along the lines of “One of my fears for the future is that cloud computing is a ‘dream come true’ for government intelligence agencies.” He actually used a more colorful term for ‘dream come true’ but his basic point was something I point out to Gartner clients all the time: in many countries (the US included) companies are legally (and often illegally) required to cooperate with government requests to surreptitiously monitor communications and content flowing through or stored on their systems.
There is a school of thought that true cloud computing means no care at all about the physical location of the storage. The fact that many governments can compel any company or service provider operating in their country to expose their customer’s data means for real businesses, location does matter.
Does encryption solve the problem? Only if the control of the keys is completely outside of the control of the service provider and if there is complete and guaranteed transparency into all access to the encrypted data. The reason for that and clause: with unlimited local access to encrypted data, government funded brute force attacks are much more likely to eat into the safety margin of long key lengths. And, as Brian Snow pointed on on the cryptographers panel, unlike the commercial/academic crypto community, the government crypto community does not publicize its breakthroughs in cracking algorithms or in developing orders of magnitude faster brute force capabilities.
Does striping or scattering the data across multiple data centers in multiple countries solve the problem? Assuming (a very, very big assumption) that the cloud service provider has not made concessions to a host country that would allow access anyway, this has possibilities – but I think there are a myriad of ways to attack this approach. Encryption has been banged on for years and we know that most proprietary encryption approaches are not secure. Striping/scattering for security has not been banged on and I am positive that many, many implementations will turn out not to be secure.
What about striping/scattering encrypted bits? Well, security in depth is always more expensive but not always more secure. This approach has possibilities, but just adding more “rounds” just as often introduces new vulnerabilities rather than increasing security.
I was on a panel at RSA on tokenization, and the idea of “tokenization as a service” is where I think more promise lies. Use cloud storage for the non-sensitive data (which by volume is usually more than 99% of the storage) and keep the sensitive data at home or at least in-country. Use the cloud for what it is good at and don’t use it for what is not good at.
Related posts
NASA builds its own Nebula cloud computing platform out of open-source components
Feb 23rd
You’ve probably heard all about Google’s shipping container server farm. Over capacity? Just plug in another container! Now you, as an end user, can enjoy a similar service direct from NASA itself.
NASA’s Nebula platform provides a cloud of processing power much like that of Amazon’s EC2. A brief look at the details of NASA’s cloud suggest that this is a much more low-level solution: while Amazon’s EC2 is great for websites, NASA’s Nebula could replace an entire computer infrastructure.
The container in the photo above is NASA’s primary node, but I presume they have more containers in the background. You can tell by the presence of a huge dish that they’re trying to impress — and I have to admit I am impressed! I have no idea where other cloud computing providers host their servers, but I bet it isn’t at frickin’ NASA. If all of that wasn’t cool enough, it’s all built out of open-source components. They haven’t contributed their code to the community yet, but fully intend to!
Unfortunately I saved the bad news for last: this isn’t a public service. I’m afraid you’ll have to be in the science community to take advantage of NASA’s cloud — or, if they release their platform software, perhaps you could build your own cloud…? If you know someone with a spare shipping container, anyway… Full Source DownloadSquad
Related posts
Intel and Microsoft Tap FedScoop for Online Cloud Computing Campaign
Feb 9th
Today, FedScoop announced that Intel and Microsoft will be sponsoring an educational campaign focused on the present and future possibilities of cloud computing called, “Minds in the Cloud.” Each week, for 25 weeks, new High Definition (HD) interviews of influential technologists from the government, non-profit, and private sectors discussing their views on the importance of the cloud will be posted to mindsinthecloud.org.
WASHINGTON, Feb. 9 /PRNewswire-USNewswire/ — FedScoop announced today the launch of a campaign that seeks to educate and inspire those interested in cloud computing technologies. Minds in the Cloud is a special content edition of FedScoop — a full-service government media and marketing company — which seeks to capture insights from technologists, innovators, and government IT leaders around the topic of cloud computing, and is sponsored by Intel and Microsoft.
Initial interviews include those of Aneesh Chopra (Federal CTO), Linda Cureton (CIO, NASA), Tim O’Reilly (O’Reilly Media Group), Nigel Ballard (Federal Marketing Director, Intel), and Teresa Carlson (VP, Microsoft Federal).
IT spending on cloud computing is increasing, with 16 billion USD spent in 2008 and 42 billion USD forecasted by 2012. With Minds in the Cloud, viewers will be able to understand more fully why cloud computing services are becoming increasingly important, and what the future may hold for citizens, businesses, and the government as this shift occurs. Candid discussion of issues related to privacy, data portability, standards development, and the social implications of cloud computing will be discussed.
Viewers are encouraged to visit http://mindsinthecloud.org to watch the latest interview, as well as to follow http://www.twitter.com/mindsinthecloud for notifications about new episodes as they become available. Minds in the Cloud will be capturing interviews across the United States in Q1 and Q2; if you’re a subject matter expert in this area, please feel free to reach out to setup an interview.
About FedScoop:
FedScoop is a full-service government media and marketing company, specializing in government IT news, new media advertising and custom turn-key strategic networking events. FedScoop.com is the Government IT community’s most comprehensive, one-stop news source reaching notable influencers and voices in the community. FedScoop.com is the only independent aggregator of the most trusted and popular web sites that Government IT executives visit daily, to stay abreast of trends, best practices, business opportunities and news.
Press Release
Related posts
Microsoft to Offer U.S. Scientists Free Cloud Computing
Feb 5th
U.S. Scientists Given Access to Cloud Computing
The National Science Foundation and the Microsoft Corporation have agreed to offer American scientific researchers free access to the company’s new cloud computing service.
A goal of the three-year project is to give scientists the computing power to cope with exploding amounts of research data. It uses Microsoft’s Windows Azure computing system, which the company recently introduced to compete with cloud computing services from companies like Amazon, Google, I.B.M. and Yahoo. These cloud computing systems allow organizations and individuals to run computing tasks and Internet services remotely in relatively low-cost data centers.
The new program was announced on Thursday at a news conference in Washington.
Neither Microsoft nor the foundation was willing to place a dollar amount on the agreement, but Dan Reed, the corporate vice president for technology strategy and policy at Microsoft, said that the company was prepared to invest millions of dollars in the service and that it could support thousands of scientific research programs.
Access to the service will come in grants from the foundation to new and continuing scientific research. Microsoft executives said they planned eventually to make the new service global.
The government has traditionally supported a group of scientific computing centers at universities and laboratories around the country. These centers have typically housed supercomputers capable of solving scientific and engineering problems quickly. In recent years, however, increasing emphasis has been placed on computing systems capable of storing and analyzing vast amounts of data.
“It’s all about data,” said Jeannette M. Wing, assistant director of computer and information science and engineering directorate at the science foundation. “We are generating streams and rivers of data.”
Genetic sequencing systems are capable of generating as much as a terabyte, 1,000 gigabytes, of information a minute, Dr. Wing said.
Microsoft made its commitment to scientific computing two years after a similar service was introduced by Google and I.B.M. Several scientists familiar with the Microsoft project said the software company was hoping to differentiate the new service by offering scientists a set of custom applications that simplified access to Azure and the use of older software applications like Microsoft Excel.
“We’re trying to figure out how to engage the majority of scientists,” said Dr. Reed, who directed several of the nation’s scientific computing centers before joining Microsoft.
Simplicity of use is one Microsoft goal. Programming modern cloud systems for full efficiency has been difficult. The company is trying to overcome this difficulty in creating a variety of software tools for scientists, said Ed Lazowska, a University of Washington computer scientist who works with the Microsoft researchers.
Dr. Lazowska said the explosion of data being collected by scientists had transformed the staffing needs of the typical scientific research program on campus from a half-time graduate student one day a week to a full-time employee dedicated to managing the data. He said such exponential growth in cost was increasingly hampering scientific research.
Full Source The New York Times
