Exploring the Benefits and Limitations of Cloud Technology

As Published in the WorkCompWire, Leaders Speak, December-2013

Collectively with our valued clients, StrataCare will process more than 16M workers’ compensation medical bills in 2014. This effort consumes a significant amount of data that has multiple uses including, but not limited to state reporting, predictive analytics, outcomes-based networks and other cost containment initiatives. Industry demand for large terabytes of data continues to grow. The need for increased agility and flexibility are causing companies to explore cloud technology as a

practical alternative to traditional methods of platform and service delivery. A growing number of

offerings promise more cost effective data centers and infrastructure services when utilizing the

“public cloud” for the delivery of medical information via software-as-a-service (SaaS) platforms.

The primary value of these outsourced services tends to focus on elastic pricing (i.e., paying only for

services consumed rather than large up-front costs) and increased agility in meeting spikes in

demand. Although these are valuable considerations to traditional platform hosting, these offerings

may come with significant challenges, particularly as it relates to securing personal health

information (PHI).

Technology Investment Conversion

Most providers of large SaaS platforms have made a substantial investment in their infrastructure

to deliver, balance and secure scalable services, which are typically capitalized over a 3 to 4 year

period. The conversion of a capital expenditure-based investment to an operational expenditure

model has to be carefully scheduled and part of an acceptable depreciation calendar with phased

migration.

Platform Maintenance and Support

The planning of database administration activities onto a separately managed, highly transient

outsourced environment can introduce schedule and support complexities. Existing scheduled

maintenance windows pre-arranged with SaaS platform users must be layered on top of and

around those provided by the third-party public cloud service and their re-provisioning activities..

In environments that require frequent platform updates and enhancements, coordinating

downtime and infrastructure administration can pose real challenges.

Technology Compatibility

Information technology platforms supporting multiple clients that are not fully multi-tenant

configurations can undermine the value of the highly virtualized public cloud architectural

paradigm. Further, some public cloud or platform-as-a-service (PaaS) providers place constraints

on database sizes or technology platforms, which can require refactoring projects in advance of a

migration.

The above challenges are all tractable, and can be addressed with planning or implementation

projects. However, when it comes to adequate data protection assurances, however, these public

cloud models simply are not viable today.

Data Protection Standards

By and large, the infrastructure-hosting community has selected the Health Insurance Portability

and Accountability Act (HIPAA) to serve as a target for services aimed at the healthcare community.

In reality, this is a little like being in a gun fight and aiming for the ankles. Forty-six states have

issued their own data privacy rules, which go well beyond HIPAA guidelines. Virtually all client

contracts that include data privacy provisions go beyond state-directed policies, and this is before

you ever get to a liability assumption, which exists in many client contracts.

Even though the public cloud holds promise, most of the success thus far has been in the retail

domain, with increasing adoption in basic financial services. There remains a substantive chasm for

readiness in the healthcare application and data management domain. As a technology company

collaborating with industry-leading vendors, partners and clients, we continually evaluate the

opportunities available and believe the vendor-owned and managed private cloud opportunity

provides the most viable and secure platform delivery solution for the needs of the workers’

compensation industry.

About Michael Josephs

Michael Josephs joined ISG Services in 2006 and has held the role of CIO since 2008. Josephs is responsible for

the creation and delivery of ISG’s technology platform, which encompasses the areas of project management,

information systems, technology infrastructure, release management, product management, application

development, software quality assurance and technical services. Prior to joining ISG Services, Josephs served

as director of technology development at E*TRADE Financial and was also the CIO for Triad Financial

Corporation, a subsidiary of Ford Financial. He holds a Bachelor of Science degree in computer science from

the University of Maryland.