/ /

  • linkedin
  • Increase Font
  • Sharebar

    The forecast is cloudy for data storage. What does this mean for healthcare information?


    Dr. Levine is Clinical Fellow, Reproductive Endocrinology & Infertility, Ronald O. Perelman and Claudia Cohen Center for Reproductive Medicine, Weill Cornell Medical College, New York.

    Dr. Goldschlag is Assistant Professor of Clinical Obstetrics and Gynecology and Assistant Professor of Clinical Reproductive Medicine, Ronald O. Perelman and Claudia Cohen Center for Reproductive Medicine, Weill Cornell Medical College, New York.



    In June, the Wall Street Journal reported that the Obama administration had hired Amazon.com to host certain HealthCare.gov components.1 That may seem to be a curious partnership, but remember that the world’s largest online retailer never closes.2 Amazon.com is always just a click away and sells not only books and other tangible products, but also streaming media such as TV shows, movies, and music.3   

    “The move [to Amazon] will give the government more flexibility in the amount of computing power it uses to run its health exchange, experts say, allowing it lower costs outside of peak usage periods,” says the WSJ.1 “By 2015, [HealthCare.gov] … will be optimized for mobile devices and run on Amazon.com’s cloud computing service.”1

    So what’s the big deal? Well, many people—including these authors—are skeptical about putting healthcare into the cloud.  

    Cloud-based computing

    Cloud-based computing is neither technologically complex nor new. It simply refers to “saving data to an off-site storage system maintained by a third party,” according to How­StuffWorks. “Instead of storing in­formation on your computer’s hard drive or other local storage device, you save it to a remote database.”4

    In fact, many of us have been using cloud-based storage for years. Gmail and Yahoo! are 2 examples of web-based email systems in which data “live” on a server and can be accessed remotely. Other cloud-powered services you may be using include Box.net, Dropbox, GoogleDocs, GoogleDrive, and iCloud. Each has different applications and modes of interaction, but the principle is the same—data are stored remotely and can be accessed wherever and whenever you choose.

    It’s probably OK to store baby photos, book reports, and science proj­ects on a publicly accessed server. But is it OK to store health informa­tion on one?

    In theory, the behemoths of the Internet should maintain the security and fidelity of their servers, but we don’t know if they do so in a HIPAA-compliant manner. We are skeptical because the owners of these data never really know who or what is accessing them. For example, you never know for sure that someone is not looking at your baby photos stored on your mobile device (it probably doesn’t matter, because you were adorable). But there are few if any structured ways to monitor who is accessing this information, and it may be only after the damage is done that a security breach is recognized.

    Furthermore, it is nearly impossible to guarantee that what users expect to happen really happens. For example, if you want to purge a record from a cloud-based database, how do you know it was really deleted? What if the service provider backed up the information on 3 different servers to ensure that there would be no service interruptions?

    What seems to be a secure back-up feature may in fact be a dangerous form of data duplication. 


    Brian A. Levine, MD, MS, FACOG
    Dr. Levine is Practice Director at the Colorado Center for Reproductive Medicine, New York, New York.


    You must be signed in to leave a comment. Registering is fast and free!

    All comments must follow the ModernMedicine Network community rules and terms of use, and will be moderated. ModernMedicine reserves the right to use the comments we receive, in whole or in part,in any medium. See also the Terms of Use, Privacy Policy and Community FAQ.

    • No comments available


    Latest Tweets Follow