Not secure enough, not individual enough, too intransparent, too cloudy: solutions from the cloud were frowned upon in healthcare for a long time. One important reason for this was data protection and the question of which servers the data is located on, how they gets there, and who can access them. Furthermore, there were concerns about dependency on the service provider and the loss of data sovereignty. And finally, there was the question of what benefits the cloud actually provides. Meanwhile, strict rejection has given way to a healthy curiosity. In part, because providers like VISUS can deliver convincing answers to the most pressing questions.
The data stay in Germany
Dismissing concerns about the protection of data stored in the cloud was probably a cardinal mistake made by the early providers. This created distrust. It goes without saying that healthcare facilities need to know where their sensitive patient data are stored and who has potential access. However, one also needs to understand: there is no such thing as 100 percent protection against third-party access - neither in the cloud nor on in-house servers (a painful experience many university hospitals had to make in recent years).
However, the more strictly a cloud is structured in accordance with European and German data protection standards and the fewer companies that are involved in the cloud infrastructure, the lower the risk of malicious access. For VISUS, the only option was therefore to set up its own cloud, which is based exclusively on servers in Germany. Setting up one's own cloud is costly and resource-intensive when compared to cooperating with the large, mainstream US providers. Nonetheless, this investment in time and personnel pays off in the short term - especially for VISUS customers. For example, they can be assured that the patient data will not end up legally with US authorities. This is theoretically possible when using the cloud services of major US providers due to the prohibition of the so-called EU-US Privacy Shield. Although it is assumed in data protection circles that the European Court of Justice will again declare the Privacy Shield to be legally valid in an appeal. As a consequence, entirely new agreements will then have to be negotiated with the cloud technology owners.
In terms of the VISUS Cloud, such decisions do not play a role. Users know who their contractual partner is at all times and that their data will always meet the high German data protection requirements.
Acting more flexibly, minimizing resources
The VISUS Cloud will initially become the home of the JiveX Healthcare Connect solutions. The PACS as well as the HCM will continue to be available on premise - and thus firmly in the hands of the users. So what is the benefit of the SaaS for JiveX Healthcare Connect? For one, the entire operation including maintenance, service and updates can be outsourced. Such managed service concepts save in-house resources and ensure that the software is always up to date. And on the other hand, the software can be flexibly supplemented with useful additional solutions - usually without tediously having to set bureaucratic mills in motion. This is because the rental model of Software-as-a-Service (SaaS) and the flexible usage period mean that costs can be planned reliably and spread over the term of service. This gives users a great opportunity of using new features and solutions in everyday routines in an unbureaucratic and test-based manner. Innovations and potential process optimizations can thus be put into practice far more quickly. SaaS solutions are particularly useful, for example, when setting up external communication networks: similarly and unlike with on-premise solutions, the healthcare facility does not have to worry about whether malware enters the infrastructure with the receipt of external data and on how to prevent this. During the upload, VISUS takes over this task by first running the data through the cloud and verifying them before passing it on to the facility. External access to in-house data is also provided via the neutral VISUS Cloud. This enables very simple, web-based solutions to be implemented which allow uncomplicated access despite high level data protection and authorization concepts. In a nutshell: whenever it comes to sharing and exchanging medical data, the VISUS Cloud and the inherent SaaS solutions act as a secure, neutral and reliable entity.
And by the way, there is no loss of customization and adaptation to the in-house conditions of the JiveX solutions when operating in the cloud. Quite the contrary: the degree of functional flexibility and individualization increases even further when adding services.