EHR Hosting Demystified – What to Look For (and Look Out For), on Your Way to the Healthcare Cloud

Posted on March 15, 2016 I Written By

The following is a guest blog post by Joe Cernik from eMedApps.

As I write this post I’m trying to reach the cloud. I’m on my third-in-a-row delayed flight segment on this week’s business trip – ARGH!  Ascending to the cloud these days is mostly easy though. My music is there, as are my photos, bank accounts and even my fitness stats collected on my wrist while I’m jogging or while I’m sleeping. Cloud computing has become ubiquitous and healthcare has embraced the transition. Health IT vendors are rapidly migrating EHR, PM and RCM solutions from client-server formats to on-demand, pay-as-you-go cloud hosted solutions.

According to healthcare analyst IDC, organizations that use on-site data storage spend 32% more on IT support than organizations that use an outside hosting provider. From infrastructure costs of servers and support staff to application deployment and ongoing maintenance costs, on-premises software can be a high-touch, high-cost model. Most EHRs are either in the cloud today, or claim cloud compatibility. The cloud promises scalability, interoperability and business continuity – but where do you start to evaluate solutions and define your own path to the cloud?  Here are a few basics to get you going.

Ready, set, cloud….

Step 1: Understand hosting and cloud approaches and determine which type is right for you.

Insourced Hosting: A model also called managed services, managed client-server, or managed on-site hosting, where the hosting vendor provides end-to-end management of your complete EHR/PM system including the hardware and software systems installed at your facility. In essence, your hosting vendor becomes a member of your team, in-house, and manages the infrastructure that you own – generally in a client-server configuration. You’re not in the cloud yet, but this may be a first step in that direction if you’re ready to get out of the EHR/PM management business.

Outsourced Hosting: Also called remote hosting, hosted off-premise, and cloud hosting, outsourced EHR hosting locates your critical EHR/PM applications in a datacenter facility – outside of your LAN-based practice or clinic. EHR and patient data is stored on remote servers accessed via secure Internet connections. Fully outsourced remote hosting shifts the expense of procuring, managing and maintaining your EHR application and servers from your facility and your IT team to a fully managed datacenter. Servers are owned, managed, and refreshed by the hosting company.  Now, you’re in the cloud.

Hybrid Model Hosting: Also called hosted client/server in the cloud and managed hosting, this model allows your organization to place your servers into a secure datacenter. This hybrid model between insourced hosting and outsourced hosting allows your organization to leverage existing capital investments in servers and investments in EHR application licenses, but moves the ongoing management and maintenance of this infrastructure investment to an internet accessible, secure remote site. Rather than installing and managing your application on a server in your office, the installation is managed on your server(s) in a controlled data center environment. Your users log into your remote server through a web browser.

Step 2: Understand Compliance and Regulatory Considerations (HIPAA, PHI, MU) Before You Sign a Contract

Your EHR hosting partner should be an EHR application expert, have demonstrable hosting expertise, and meet all regulatory and security protocols.  While this statement may seem obvious, note that no matter which type of hosting solution you consider or eventually adopt, your hosting provider and their facilities must meet all physical, procedural, operational, and technical readiness criteria established for hosting of protected healthcare data. Make certain to evaluate partners for compliance with all HIPAA/HITECH rules and, for outsourced or hybrid solutions, SOC 2 Type II and SOC 3 centers with certificates including: PCI DSS Level 1 and SSAE 16.

Step 3: Evaluate the Costs

Because there is no upfront cost for the software, and an organization is not required to buy a server, a cloud-based EHR may be less expensive than the onsite client/server setup. If one of your greatest hurdles to adopting an EHR is the initial cost of installation, an outsourced hosting model may be worth considering.

Some practices may also prefer to view their EHR expenses as a recurring operational expense (similar to a utility bill) rather than a capital investment. If your practice or clinic has already invested in on-premises infrastructure but want to consider a move to an outsourced hosting model, a hybrid approach may be a good first step with a full transition to an operational expense model on your next hardware refresh cycle.

Models vary among hosting vendors, and some vendors offer contract terms and conditions that offer hosting packages tailored to your revenue projections or offer low introductory pricing that increases over time. Variable models should be evaluated over a five-year cost-of-ownership timeframe to accurately compare costs across vendor plans.

Clear the fog…move to the cloud.

The way organizations procure and deploy IT infrastructure is undergoing a significant transformation. Don’t be confused by the transition – cut through the fog and get to the facts on a hosting solution that will help you meet your business AND patient care goals.  That solution may include ascending to the cloud – there’s a lot of great music already there. Now, let’s see if my plane will make it into another type of cloud today.