A test of patients: the challenges of healthcare IT
Fri 13 Apr 2018 | Sylvester Wong
Ahead of his session at Data Centre World Asia, held in Hong Kong this May, Sylvester Wong, Senior Director IT at Fresenius Medical Care (FMC), spoke to The Stack about the challenges of IT requirements in healthcare, and his expectations for the industry in the future.
Working in healthcare IT provides a unique set of challenges. Unlike many other typical IT departments, the decisions made in the healthcare sector directly affect patient wellbeing. This adds an additional level of pressure and reliance on the IT team that isn’t typically seen in other organisations.
IT regulations in healthcare
As well as this, the healthcare sector is highly sensitive and regulated. As such, Wong argues that there are three main concerns in healthcare IT at the moment. Top of the list, he states, is patient data protection. At FMC, the patient comes first, no matter what they are doing. With cybersecurity risks constantly evolving, this means that there needs to be a constant effort to implement new policies to protect the patient’s data.
Every regulation has to be understood, managed, and complied with
Managing patient data is not just about protecting it from cyber attack, but also about meeting regulatory standards. A big challenge for Wong and the team is ensuring that multiple information security and data privacy laws compliance requirements are matched. Given how these laws are constantly evolving, this is a big task.
Given the international scope of FMC, this includes Chinese cybersecurity laws, Philippine data privacy laws, and the upcoming GDPR. Each of these, and others, says Wong, have to be understood, managed, and complied with.
As well as meeting requirements, whether protecting patient data or complying with local and international regulations, Wong needs to ensure the organisation evolves and keeps pace with modern digital strategies.
As such, he counts the digital transformation journey that is underway at FMC amongst his key tasks. There are a number of initiatives underway, often involving cloud and emerging technology sectors such as IoT. There is significant effort required to align these initiatives at the regional/global level in order to avoid duplication of effort, and to create the right strategy in line with the governance and management model.
One advantage that Wong enjoys, he says, is a strong level of support from the rest of the business. Given that the patient comes first, every time, and there is a good understanding of how the IT department can help achieve this objective, it is not hard for Wong and his team to justify their usefulness.
As well as IT being one of FMC’s core business values, there is also a clear motivation to ensure regulatory compliance, one of the IT team’s key tasks. With the potential for a 4% fine for any organisation found to be in breach of GDPR, a relatively small level of expenditure on IT to ensure this doesn’t happen makes good business sense.
Public vs private cloud in healthcare
Regulations also affect IT decisions in other ways. Wong notes that in some countries such as South Korea and China, patient data management solutions have to be kept on-premises, due to their data privacy and cybersecurity laws. In other Asian countries where FMC operates, though, its strategy is private cloud.
Private cloud, he argues, offers a number of advantages. Increased agility, alongside higher levels of security, better management and governance of IT operations, and improved disaster recovery and business continuity options provides a best of both worlds solution.
It also creates an environment in which it’s possible to maximise the benefits of zero client technology, which helps with data protection, and the use of virtual machines which improves IT resource optimisation.
One key point that Wong notes is that this choice isn’t always available for smaller businesses. As these are unlikely to have the cash flow to invest in full scale comprehensive IT/cybersecurity security management and governance, they are more likely to achieve the benefits that Wong associates with private cloud, through public cloud.
Data centres in 2018
Looking forward more generally at the data centre sector in the coming year, Wong expects to see continuous consolidation of ‘server rooms’ into regional/global data centres. However, the data privacy and cybersecurity laws of various countries are impacting the data centre strategy of enterprise businesses – a particular challenge for those in the healthcare market given the stringent requirements faced in the industry.
Thanks to these laws, smaller ‘satellite’ data centres are mandatory in some countries, such as China and South Korea, and, says Wong, more countries will soon have these regulations in place. The ability, he believes, to standardise and integrate data centres of all sizes, whether they are global, regional or satellite facilities, will soon be a key differentiator in the healthcare market.
Sylvester Wong will be speaking at the 2018 edition of Data Centre World Hong Kong, which will take place on 16-17 May. To hear from Sylvester and other data centre experts, register here for your FREE ticket.