With eye on public health, Delaware, Michigan roll out clouds

By Kate Spies
08:51 AM
a:2:{s:5:"title";s:32:"Elayne Starkey, CISO of Delaware";s:3:"alt";s:0:"";}

Marrying cloud computing to health IT could potentially yield swifter delivery solutions, extensive services, cost reductions, improved patient care, and a range of powerful applications.

As with human marriage, though, this sort of bonding requires a clear first step: the proposal.

Several states are currently pursuing this first measure of action by laying the groundwork for cloud-based programs that could, in turn, expand and streamline the IT capabilities of their health departments.

Delaware and Michigan are two such states.

Michigan’s MiCloud
Health entities in Michigan are working to join the cloud through the state’s MiCloud initiative, which is comprised of a private data cloud tailored for its state and local governments.

Eric Swanson is the director of Michigan’s Center for Shared Solutions and Technology Partnerships. He described the cloud as a versatile instrument in meeting health agency needs.

[Related: NASCIO's 12 tips for states considering the cloud.]

"How the cloud would apply to any department, whether it’s our community health department, or our department of human services, and/or even local health departments, is the fact that it’s a utility,” he said. “The cloud serves as a utility to any of the business needs of the agency - whether it’s a cloud storage need, or a production need - that any of the lines of business across that health IT spectrum could consume from.”

Michigan CIO David Behen (pictured at right) echoed that, describing MiCloud as “a critical tool” that will work to “address a broad range of fast-track issues through cloud computing.”

Delaware’s take on Cloud-First
Delaware is upholding a cloud-based approach that’s akin to the federal government’s Cloud-First policy.

Like the federal initiative, said Delaware CISO Elayne Starkey, state leaders are urging agencies to engage with the cloud when possible. “Our program doesn’t mean we require all of our agencies to switch to the cloud,” she said. “Instead, it means we encourage our customers to consider a cloud solution with any new projects or any new engagements.”

So far, state agency customers have matched this encouragement. “We’ve been offering our agency customers a private cloud for the past 18 months,” Delaware CIO Jim Sills said.

[Related: NIST's 10 cloud computing requirements.]

Delaware’s Department of Health and Human Services has yet to leverage this private cloud infrastructure. But trends seem to indicate the benefits of cloud computing are too weighty to ignore – especially for data-dependent sectors like public health.

“Since the last 18 months,” Sills said, “we’ve probably increased our efficiency by about two hundred percent … Cloud technology really offers some of the greatest returns of any technology.” 

Security: Get a pre-nup
To reach Delaware’s stratospheric increase of two hundred percent, state leaders emphasize the necessity of security guidelines.

“You can’t fall into the trap of sending data out there without proper contractual clauses,” Starkey said.

Protection regulations must be a part of the state’s procurement process, she added, especially “when you’re sending out confidential, personally identifiable information.”

Health department data, of course, is riddled with this sort of information, meaning that cloud computing solutions must be tailored to meet HIPAA privacy and security requirements.

The bones of the Delaware and Michigan cloud programs address this issue. Michigan’s infrastructure is private and on-premise, Swanson said. According to NASCIO’s recent “Capitol in the Clouds” report, it’s regarded as a secure and “key component of Michigan’s enterprise sourcing strategy.”

Cloud computing in The Great Lakes State is centered on twelve protection clauses that must be included in all RFP’s with potential for external cloud solutions.

[Related: Mitigating PHI danger in the cloud.]

“The real heart of all our cloud solutions centers around our terms and conditions,” Delaware’s Starkey said. “This sort of outlining lays out the ground rules from the beginning of the engagement… In many cases it takes very little time. Our vendors have shown that they’re eager and thankful that we’ve taken the time to spell out our requirements.”

The State of Delaware cloud terms and conditions apply to all state agencies, which includes the Department of Health and Social Services, Starkey added.

A union for the long haul
With information protection ground rules in place, Delaware and Michigan state health departments can work to better leverage the states’ cloud programs – and state leaders point to maneuvering onto the cloud as a positive shift.

The potential for self-provisioning and the scalability of the cloud environment “translates into productivity across the multitudes of users,” Michigan’s Swanson said.

Delaware's Starkey agreed: “The cloud model is here, it’s here to stay, and it’s getting better all the time. We can’t pretend it’s not there. It really is a game-changing alternative.”

Considering the cases of Michigan and Delaware, the engagement between state health departments and cloud technology is beginning, or likely, to be realized. But instead of gold rings, the seals of these nuptials will be improved patient care, increased system efficacy, reduced costs, and expanded elasticity and scalability for a demanding, fluctuating healthcare environment.