Cloud Computing Enables Consumer-Centered Healthcare

Cloud Computing Enables
Consumer-Centered
Healthcare

Eiji Sasahara, Ph.D., MBA
Dan McGuire, MBA
Hitoshi Iwashita, MBA
Healthcare Cloud Initiative
October 15, Intiative
©2009 Healthcare Cloud 2009 1

Agenda

• 1. Introduction
• 2. Understanding Cloud Computing
• 3. Cloud Computing in Healthcare
• 4. Case study in Life Science/Pharma
• 5. Case study in Healthcare provider

©2009 Healthcare Cloud Intiative 2

1. Introduction (1)

• Speakers
– Eiji Sasahara, Ph.D., MBA
http://www.linkedin.com/in/esasahara

– Dan McGuire, MBA
http://www.linkedin.com/pub/dan-mcguire-japan-
healthcare-network/1/970/329

– Hitoshi Iwashita, MBA
http://www.linkedin.com/pub/hitoshi-iwashita/0/34a/694


1. Introduction (2)

• Healthcare Cloud Initiative
– Grass-root group to share knowledge
about benefits and risks of cloud
computing, and to promote new
business development with ICT
utilization in the healthcare industry
• Life science & Pharmaceutical
• Healthcare Provider
• Healthcare Payer


1. Introduction (3)

• Healthcare Cloud Initiative
– Focus areas in Healthcare Value Chain

Patients Healthcare Communication General
Academia
& families Professionals Media Consumers

Opportunities and Risks of Cloud Computing
-New Business Development
-Technology Innovation

Clinical Relationship Professional Advertising Direct-to-
Trial Development Education & Promotion Consumer
Supports w/Opinion & Advocacy Education
Leaders & Advocacy


1. Introduction (4)

• Cloud Security Alliance
– Global, not-for-profit organization
– Inclusive membership, supporting broad
spectrum of subject matter expertise:
cloud experts, security, legal,
compliance, virtualization, and on and
on…
– We believe Cloud Computing has a
robust future, we want to make it better
“To promote the use of best practices for providing security assurance
within Cloud Computing, and provide education on the uses of Cloud
Computing to help secure all other forms of computing.”


1. Introduction (5)

– Individual Members (LinkedIn Community)
<Active Working Groups> <New Working Groups>
-Editorial -Healthcare
-Educational Outreach -Cloud Threat Analysis
-Architecture -US Federal Government
-Governance, Risk Mgt, Compliance, -Financial Services
Business Continuity
-Legal & E-Discovery
-Portability, Interoperability and Application Security
-Identity and Access Mgt, Encryption & Key Mgt
-Data Center Operations and Incident Response
-Information Lifecycle Management & Storage
-Virtualization and Technology Compartmentalization

1. Introduction (6)

– Resources
• ”Security Guidance for Critical Areas of
Focus in Cloud Computing”
(http://www.cloudsecurityalliance.org/)
• ”Cloud Security and Privacy: An Enterprise
Perspective on Risks and Compliance”
(http://oreilly.com/catalog/9780596802769/)


2. Understanding Cloud Computing (1)

• Definition of Cloud Computing
by National Institute of Standards and Technology (V15)
“Cloud computing is a model for enabling
convenient, on-demand network access to
a shared pool of configurable computing
resources (e.g., networks, servers, storage,
applications, and services) that can be
rapidly provisioned and released with
minimal management effort or service
provider interaction.”
(http://csrc.nist.gov/groups/SNS/cloud-
computing/index.html)


• Characteristics of Cloud Computing
by NIST (V15)
– On-demand self-service
– Ubiquitous network access
– Resource pooling
• Location independence
• Homogeneity
– Rapid elasticity
– Measured service


• Cloud Service Models by NIST (V15)
– Cloud Software as a Service (SaaS)
• Use provider’s applications over a network
– Cloud Platform as a Service (PaaS)
• Deploy customer-created applications to a cloud
– Cloud Infrastructure as a Service (IaaS)
• Rent processing, storage, network capacity, and
other fundamental computing resources



• Cloud Deployment Models by NIST (V15)
– Private cloud
• enterprise owned or leased
– Community cloud
• shared infrastructure for specific community
– Public cloud
• Sold to the public, mega-scale infrastructure
– Hybrid cloud
• composition of two or more clouds



• Characteristics of Cloud Computing
by Cloud Security Alliance
– Abstraction of Infrastructure
– Resource Democratization
– Services Oriented Architecture
– Elasticity/Dynamism
– Utility Model of Consumption & Allocation

Business requirements identify
features of cloud computing


• Difficulty in Cloud Computing
by Cloud Security Alliance
– Who manage it
– Who owns it
– Where it’s located
– Who has access to it
– How it’s accessed
Big challenge: Security and risk control
under the cloud computing environment


• Architecture of Cloud Computing

Business (e.g.) Healthcare Healthcare
Life Science
Layer Payer Provider

Software: Collaborative, Content, ERM, SCM, CRM,
Application Operations & Manufacturing, Engineering, Business SaaS
Layer Intelligence, etc.

Software: Application Development, Quality & Life-
Platform Cycle Tools, Application Server/Integration &
Process Automation Middleware, Information & Data
PaaS
Layer
management, Systems & Network Management

Software: System & network management, Security,
Infrastructure Storage IaaS
Layer Hardware: Healthcare Storage, Network, Clients
©2009 Server, Cloud Intiative 15


• What is Governance, Risk and
Compliance (GRC) Management?
– Governance: Activities to demonstrate
strategy direction and systems to
regulate and monitor corporate business
management
– Risk: Activities to identify, analyze and
manage risks inside/outside the
company
– Compliance: Activities to adhere to rules
and requirements set by laws, standards
and code of ethics Cloud Intiative
©2009 Healthcare 16


• GRC Management and ICT
– Application Layer
• Compliance Management Solutions
• Business Assurance Analytic Solutions
• Financial Compliance and Reporting
• Compliance Process Automation
• Enterprise and Operational Risk Management
Solutions
– Platform and Infrastructure Layers
• Compliance Infrastructure Solutions
– Security Management Solutions
– IT Governance Management Solutions
– Records and Information Management Solutions


• Architecture of GRC Management ICT
Business Personal Consumer
J-SOX
Layer Information Safety

Software: Compliance Management, Business
Application Assurance Analytic, Financial Compliance and SaaS
Layer Reporting, Compliance Process Automation,
Enterprise and Operational Risk Management, etc.

Software: Application Development, Quality & Life-
Platform Cycle Tools, Application Server/Integration &
Process Automation Middleware, Information & Data
PaaS
Layer
management, Systems & Network Management

Software: System & network management, Security,
Infrastructure Storage IaaS
Layer Hardware: Healthcare Storage, Network, Clients
©2009 Server, Cloud Intiative 18

• Impact of Consumer as a Stakeholder
– Consumer-centered healthcare drives ICT utilization.
– Consumerization of ICT drives cloud computing.
Consumer-
Business Healthcare Healthcare
Centered
Life Science
Layer Payer Provider
Movement

Software:
Application SaaS
Layer Healthcare Cloud
ICT Computing
Software:
Platform GRC PaaS
Layer Management
Consumer
Software: as a
Infrastructure Stakeholder IaaS
Layer Hardware: Healthcare Cloud Intiative
©2009 19

3. Cloud Computing in Healthcare (1)

• “Cloud Computing: A new business
paradigm for biomedical information sharing”
Rosenthal A, Mork P, Li MH, Stanford J, Koester D, Reynolds P.
J Biomed Inform. 2009 Aug 26.
(http://www.ncbi.nlm.nih.gov/pubmed/19715773)

– For customers, cloud computing is
primarily a new business paradigm, as
opposed to a new technical paradigm.

Who are “customers” in healthcare?
= Consumers (Patients and families)


– Features of Cloud Computing in
Biomedical informatics
• Resource outsourcing
• Utility computing
• Large number of machines
• Automated resource management
• Virtualization
• Parallel computing
Business requirements identify
features ofHealthcare CloudComputing
©2009 Cloud Intiative 21


• “Security and privacy requirements for multi-
institutional cancer research data grid”
Manion FJ, Robbins RJ, Weems WA, Crowley RS.
BMC Med Inform Decis Mak. 2009 Jun 15;9:31.
(http://www.ncbi.nlm.nih.gov/pubmed/19527521)

– Key Challenge is developing suitable
models for authentication and
authorization practices within federated
environment.
Healthcare cloud is based on federated
environment (à Hybrid Cloud)


• Recommendation for large scale federated sharing of data
within a regulated environment
– Necessity to construct separate legal or corporate entities for governance
of federated sharing initiatives
– Consensus on the treatment of foreign and commercial partnerships
– Development of risk models and risk management processes
– Development of technical infrastructure to support the credentia ling
process associated with research including human subjects
– Exploring the feasibility of developing large-scale, federated honest broker
approaches
– Development of suitable, federated identity provisioning processes to
support federated authentication and authorization
– Community development of requisite HIPAA and research ethics training
modules by federation members
– Recognition of the need for central auditing requirements and authority
– Use of two-protocol data exchange models where possible in federation



• Summary
– Cloud computing is primarily a new
business paradigm.
– Consumer-as-a-Stakeholder approach
integrates cloud computing, GRC
management and healthcare ICT.
– GRC management should be the
enabler of cloud computing in total
healthcare value chain.

Cloud Computing Enables Consumer-Centered Healthcare

More Related Content

What's hot (19)

Similar to Cloud Computing Enables Consumer-Centered Healthcare (20)

More from Eiji Sasahara, Ph.D., MBA 笹原英司 (20)

Recently uploaded (20)

Cloud Computing Enables Consumer-Centered Healthcare