For years, healthcare organizations have been slowly increasing their use of cloud technologies. Though moving to the cloud is a highly-reputable business practice, there is still uncertainty around making the transition. Does it increase patient information security or put it at higher risk? What are the true benefits of cloud computing? Is it more or less expensive?
And what does it mean for a solution to be “in the cloud,” anyway?
When cloud computing in healthcare gets foggy
Adding to the confusion is the dizzying array of terms to describe services in the cloud: Cloud-native. Cloud-hosted. Cloud-based. Though the definitions of these services are confusing and murky, there’s one clear truth:
Not all cloud products are created equal.
Many products that are not truly cloud-native are marketed simply and vaguely as “cloud technology.” This often happens when a business adds a cloud component to their current on-premise software and calls it a cloud product. In fact, this has become so common there is now an official word for it: “cloud washing.”
“Cloud washing (also spelled cloudwashing) is the purposeful and sometimes deceptive attempt by a vendor to rebrand an old product or service by associating the buzzword “cloud” with it.” (TechTarget)
It’s important to understand what makes a solution truly cloud-native to make informed decisions on what technology will work best for your organization.
Clearing the fog
So, here’s my best go at explaining what makes technology cloud-native (and not) in plain English (I’ve also provided a handy table below if you want to skip ahead).
First, it’s useful to get to know the National Institute of Standards and Technology (NIST). The NIST is part of the U.S. Department of Commerce and sets standards and measurements for U.S. innovations, like cloud technology.
In 2018, the NIST released an Evaluation of Cloud Computing Services that provides clarification on essential characteristics of cloud services to “demystify the ambiguity surrounding cloud services.” In other words, the NIST is helping the general public avoid unknowingly purchasing cloud washed products.
NIST’s official definition of cloud computing is:
“A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.”
Though this isn’t perfectly plain English, NIST also provides five essential characteristics of cloud computing. I’ve provided explanations after each to help breakdown this definition.
Five essential characteristics of cloud-native solutions
1. On-demand self service
Cloud-native solutions allow users to configure server time and network storage without help from the solution provider.
2. Broad network access
Users can access the solution from many locations on many devices (phones, tablets, etc.).
3. Resource pooling
The provider’s resources can serve multiple customers at once. Issues with the technology aren’t account-specific, allowing resolutions to impact all users.
4. Rapid elasticity
Users can scale their usage up and down in real time.
5. Measured service
The solution can track use of the solution (for example, storage, active user accounts, etc.).
Cloud-hosted technology does not have quite as high a standard to hit. Cloud-hosted technology could be software installed on an on-premise server to be partially managed on the cloud. It might be on-premise technology that’s been given a facelift and simply shifted re-architected to run in the cloud. Without abiding to the rigorous standards of true cloud-native technology, it’s not always clear what advantages of cloud you’re going to get (and which ones you’ll miss out on).
In addition to these five essential characteristics, the NIST outlines three service models true of cloud-native solutions:
- Software as a Service (SaaS)
- Platform as a Service (PaaS)
- Infrastructure as a Service (IaaS)
Plus, four deployment models:
Below is a table that compares the key differences between typical cloud-native and cloud-hosted applications or technology.
|Management||Provides self-service options, like allowing users to configure server time and network storage without help from the solution provider.||Computing capabilities might require interaction with the solution provider.|
|Accessibility||Users can access the solution from many locations on many devices (phones, tablets, etc.)||Users may only be able to access the solution on-site on a specific device.|
|Upgrades||Deploys new features immediately, without a disruption in service. There’s no gearing up for scheduled updates that may cause shutdowns.||New features require software updates and may require a physical visit from your technology provider. Maintenance might require downtime. Fixes are not instantaneous.|
|Scale||Scale automatically based on demand, either upward or downward, without any degradation in performance.||Have a higher chance of not being scalable based on your data usage. Unexpected outages and system failures can occur anytime.|
|Security||If the software is certified, everyone who uses the technology benefits.||Extra security may come with additional costs. Security might be the responsibility of the user.|
|Budget flexibility||A spike in usage doesn’t require more infrastructure or adding servers.||A spike in usage can require expansion of infrastructure, at a cost, and can take months to implement.|
It might also be helpful to separate cloud-native into two categories: What it is, and what it isn’t:
What Cloud-Native Is
What Cloud-Native Is Not
|Applications that are built with technology that has also been built on the cloud||Just the ability to run in or connect to the cloud|
|Fits all NIST’s five essential characteristics||Fits some or none of NIST’s five essential characteristics|
|Uses a SaaS, PaaS, or IaaS service model||Uses a service model that is not SaaS, PaaS, or IaaS|
|Built to run on public, private, or hybrid cloud environments||Technology that’s been re-architected to run in the cloud|
It’s no longer a question of if healthcare organizations should fully embrace cloud technology, but when. Moving to the cloud provides the flexibility and resources to address healthcare leaders’ most pressing challenges in today’s tremendously fluid environment. Continuing to build technology around antiquated infrastructure that can’t take advantage of the benefits of the cloud may put healthcare organizations and their patients at risk. The days of keeping applications on-premise to improve resiliency and reliability are long gone—cloud services offer better security and privacy for health data and health systems than many on-premise solutions. To take advantage of every benefit of using cloud technology, ensure you’re moving forward with a true cloud-native solution.