In addition, there are plenty of Governance, Regulation and Compliance (GRC) concerns to attend to. These include mandates that seem to pull in different directions — such as the need to tightly control access to patient data and personally identifiable information, while also supporting the ability to securely share cleansed data with partner organizations.
All of this makes it crucial that you conduct a thorough data center evaluation when considering changes to your healthcare IT infrastructure — whether refreshing hardware, deploying new software, supporting mobile devices and the IoT, or integrating cloud-based applications.
Healthcare represents an environment in which a multitude of disciplines and practitioners are brought together to function holistically for the most noble of endeavors: saving lives and improving the quality of life for those served. So it makes sense to work as a cross-functional team by including representatives of all involved areas during the initial phase.
Though teams will differ among organizations, it’s essential to include stakeholders knowledgeable about IT infrastructure, applications and security, as well as experts from your GRC and legal teams.
Representatives from the clinical side can provide useful insights into how doctors, nurses and technicians use resources. Your team will also benefit from nonclinical users, such as human resources, facilities and administrative services staff. Be sure to include a strong C-level sponsor as well, ideally the Chief Executive Officer (CEO), to overcome barriers and ensure adoption.
While your cross-functional team provides a valuable real-life pool of knowledge and view into your operations, it’s also a good idea to seek an outside voice. This should come in the form of a vendor-neutral, third-party adviser who can provide guidance based on how other organizations are solving similar challenges within healthcare.
An experienced, vendor-neutral partner can help you see the bigger picture across healthcare technology — and help you explore questions you may not have considered. This will enable you to learn from the experiences of other healthcare organizations.
As a result, you can, for example, provide a view into how others are making use of mobile devices to access EHRs or leveraging the IoT to remotely monitor patients and gather health metrics. An outside adviser can also help you maximize cloud-based resources without raising GRC concerns.
One of the foundational tasks of any effort of this sort is conducting a comprehensive assessment of your existing data center. A robust and up-to-date Configuration Management Database (CMDB) can be a powerful tool for assessing your existing infrastructure of hardware and software assets.
Your cross-functional team can help IT go through CMDB findings to identify applications, hardware or devices that are no longer used and should be retired — streamlining database operations while enhancing security by reducing potential attack surfaces. The cross-functional team can also determine which applications are good candidates for modernization and which can be used to map interdependencies and data sources.
A data center evaluation process is likely to involve consideration of a modern, cloud-based infrastructure. Some relevant questions might include: What's the main driver of your data center transformation? Are you seeking increased scalability? Improved agility? Cost reduction? Migrating to the cloud or implementing a hybrid cloud solution could be the answer. The evaluation process will help you establish the highest priorities.
Arguments can be made for and against using the cloud in healthcare. Creating a scoring matrix can help you determine whether your organization will benefit from a cloud or hybrid cloud infrastructure.
Healthcare organizations are subject to stringent GRC requirements and frequently employ mobile and IoT devices to support clinicians and staff. Infrastructure assessment provides an opportunity for GRC and security experts within the cross-functional team to examine existing systems and identify areas of improvement.
In addition to evaluating legacy applications and systems, it’s also important to look at access management and how data is secured at endpoints such as smartphones, tablets and other mobile devices. These kinds of IoT technologies are often used to access EHRs, making it absolutely essential that you have robust security systems in place to prevent a data breach.