Blog   |   Compliance   |   July 23, 2018

Why Healthcare is Moving to the Cloud

The healthcare industry is well into its digital transformation. It has embraced healthcare IT platforms in order to reduce costs while providing higher levels of service and engagement for all stakeholders, including providers, physicians, payers, and patients. When it comes to the role of the cloud in this transformation, the healthcare sector started cautiously—migrating only back end, non-critical workloads. Having seen that the benefits outweigh the risks, healthcare is now accelerating the shift of clinical applications and data to the cloud.
A recent BCC Research report valued the global healthcare cloud computing market at $20.2 billion in 2017 and predicts that it will grow to $35 billion by 2022. Within that figure, the North American healthcare cloud computing market was worth $5.7 billion in 2017 and is expected to almost double to $10.2 billion by 2022.
There are many big players offering domain-optimized cloud solutions and infrastructures to the healthcare sector, including IBM, Microsoft, Apple, and Google. In March 2018, for example, Google announced its Cloud Healthcare API, which encourages healthcare organizations to launch analytics and machine learning projects in the Google Cloud Platform, using diverse data aggregated from multiple and distributed clinical systems. This initiative aims to overcome interoperability obstacles so that machine learning can reach its full potential for clinical decision support, early identification of at-risk patients, and improving the effectiveness of clinical trials.
This blog post looks more closely at the many benefits of the cloud for healthcare organizations, and discusses some of the roadblocks that still have to be overcome to complete healthcare’s journey to the cloud.

Benefits of the Cloud for Healthcare

The cloud offers different benefits to different healthcare stakeholders.


For providers such as hospitals, ambulatory surgical centers, and outpatient clinics, the cloud offers many of the benefits enjoyed by enterprises across a wide range of sectors. The chart below, sourced from a recent survey conducted among healthcare provider decision makers, clearly shows their priorities.


As providers struggle with reduced budgets, the shift from on-premises data centers with heavy CAPEX costs to an OPEX utility-based model is very attractive. The cloud also promises to enhance services and capabilities for clinical and non-clinical employees, customers, and supply chain partners. Everyone benefits, for example, when caregivers can focus on patient care, rather than cumbersome administrative tasks. And with constant reimbursement pressures to cut costs while improving outcomes, the cloud offers opportunities to streamline and optimize the delivery of healthcare processes and products.
Interestingly enough, initial concerns about the security and privacy of sensitive healthcare data moved from on-premises to cloud deployments have been largely allayed. Healthcare providers have come to realize that a shift to the cloud can actually enhance data security and privacy. Amazon AWS, Microsoft Azure, and the other public cloud providers have unmatchable resources which allow them to employ top-tier data security specialists and constantly invest in innovative data security tools and services. They also work closely with customers, regulators, and industry associations to ensure that their infrastructures and managed services fully comply with data security and privacy requirements, including HIPAA.
Last, but certainly not least, healthcare providers have come to recognize the benefits of the cloud for backup and disaster recovery. According to surveys carried out by HIMSS (Healthcare Information and Management Systems Society), a not-for-profit industry association, between January and August 2017, the number of healthcare provider respondents using the cloud for backup and DR jumped from 38% to 60%.

Payers, Physicians, and Patients

One of the largest healthcare payers (insurers) in the world, the U.S. government’s Centers for Medicare and Medicaid Services, has announced that by April 2019, it will complete the migration of its services portal,, to the cloud. The billing of public and private payers for the reimbursement of healthcare services rendered is a well-known administrative millstone around the neck of both institutional and individual healthcare providers. Shifting these transactions to the cloud offers all stakeholders greater data transparency and accessibility. The billing systems will be more elastic, flexible, and cost-effective, and will benefit from more robust disaster recovery postures.
Well-executed cloud deployments offer physicians a more holistic and continuous view of each patient, with patient data from multiple sources accessible from any point of care. The cloud also streamlines the operations of physicians’ clinics, which frees them to focus on patient care, as well as to save money.
For the rest of us—the patients—cloud-based healthcare offers both immediate and long-term benefits. With cloud-based digital health apps we can monitor and better manage chronic conditions as we go about our daily activities. We have better access to our healthcare data, which gives us greater control over our health. We will also enjoy better health outcomes as new insights and therapies emerge from leveraging big healthcare data with cloud analytics.

The Challenges of Healthcare in the Cloud

Despite all the benefits and the growing motivation to move even mission-critical clinical applications to the cloud, healthcare providers need to address significant challenges:

Data Security and Privacy

Data security and privacy are, and will always be, huge concerns for healthcare organizations. Although initially these concerns may have slowed down healthcare’s journey to the cloud, today they are no longer a constraint—yet they still require careful management.
Public cloud providers have embraced the shared responsibility model for security and compliance. On one hand, providers take full responsibility for securing their own infrastructures and their managed services—what AWS calls security of the cloud. However, their customers are responsible for security in the cloud, including the operating systems, apps, and data.
The cloud providers offer services and best practices to help healthcare organizations achieve the high levels of security and compliance they require, but it is up to the organization to implement them. Traditional perimeter-based IT security tools are not effective, for example, when network perimeters basically no longer exist. Securing data in the cloud requires a new mindset, and healthcare organizations must explore the next-generation, born-in-the-cloud platforms that are necessary to ensure they are upholding their end of the shared responsibility model.


As with any large and complex organization, interoperability across diverse systems, including legacy systems, is a significant challenge. IT deployments in the healthcare sector are typically fragmented, with different systems—often from different vendors—for physicians, pharmacies, imaging labs, reimbursement, and more.
The strategic decision to adopt a cloud-first or cloud-only policy requires a careful assessment of all the systems already in place, as well as tactical decisions about which to lift and shift, which to refactor, and which to abandon in favor of born-in-the-cloud solutions. In addition, tough decisions have to be made about which kind(s) of cloud will best serve the organization’s needs: public-only (including multi-cloud), private-only, or hybrid. Dealing with these challenges, however, provides the healthcare organization with a golden opportunity; the chance to create a more coherent digital ecosystem in which different users have their own dedicated interfaces, but share a unified data model—enabling information to flow freely among all stakeholders.

Organization Culture

Healthcare organizations are not immune to the organizational challenges that can slow down cloud transformations. Management concerns have to be addressed and expectations have to be reset as the IT model shifts from CAPEX to OPEX. The administrators of siloed data systems need to buy into the benefits of breaking down barriers to allow the free flow of information and knowledge across the organization. The right leadership and personnel need to be put into place in order to implement and manage complex cloud infrastructures, and an agile DevOps culture needs to replace cumbersome bureaucratic processes.

Cloud Sprawl and Cost Management

Cloud sprawl is by no means unique to the healthcare domain. It is a challenge all organizations face as cloud deployments mature and become more complex. Enterprises leverage hybrid, multi-cloud infrastructures to avoid vendor lock-in, implement reliable disaster recovery plans, lower backup and archiving costs, and provide appropriate levels of security for different types of data.
Cloud sprawl makes it particularly difficult to track and manage cloud storage and compute costs, which have a tendency to grow quickly. In order to cost-effectively manage their cloud-based assets, healthcare organizations must adopt management platforms that provide high levels of visibility and automation across even the most complex infrastructures.

Looking to the Future

Cloud-based healthcare is a reality. According to a recent HIMSS Analytics survey, 83% of healthcare organizations are already using cloud technology. The name of the game now is to fully leverage the power of the cloud in order to take healthcare to the next level. With more and more born-in-the-cloud healthcare platforms introducing advanced cloud-based technologies like machine learning and AI into their solutions, we can look forward to a future of patient-centric, results-based, innovative, and personalized healthcare.
Protecting patient data is a top priority for every healthcare organization. Schedule a demo to learn how CloudCheckr can help you maintain compliance with HIPAA and other data privacy standards.

Todd Bernhard headshot
About the Author

Todd Bernhard has been with CloudCheckr handling Product Marketing and Technical Evangelism roles since 2017. He holds multiple certifications including AWS Solutions Architect Associate, Microsoft Azure Fundamentals, Google Cloud Associate Engineer and FinOps Certified Practitioner. Prior to joining CloudCheckr, Mr. Bernhard was an award-winning, bestselling mobile app developer and entrepreneur and previously worked for Sun Microsystems, as an Evangelist, Sales and Technical Trainer and Product Marketing Manager for Sun’s high-end data center servers.