Today on Insights. We go back to a conversation Host Bill Russell had with John Halamka, President of the Mayo Clinic Platform. The topic of discussion was Where is the Cloud Great? And Where is it Not? All the big tech companies are moving their software to the cloud. And it's really changing the architectural landscape. Have we finally moved beyond the fad stage of the cloud? And how does data sharing fit into this new world?
Hello and welcome to another episode of Insights. My name is Bill Russell. I'm a former CIO for a 16 hospital system 📍 and creator of This Weekin Health IT. A channel dedicated to keeping health IT staff current and engaged. Our hope is that these episodes serve as a resource for the advancement of your career and the continued success of your team. Now onto the 📍 show.
Today on insights. We go back to a conversation host bill Russell had with John Halamka, President of the Mayo clinic platform. The topic of discussion was where is the cloud great? And where is it not? All the big tech companies are moving their software to the cloud and it's really changing the architectural landscape. Have we finally moved beyond the fad stage of the cloud and how does data sharing fit into this new world?
This move to the cloud, because if you look at the Epic Nuance, that's AI powered, that's a move to the cloud. You have the Salesforce health cloud. That's a move to the cloud. You have Google's API. And I'll sort of sum it up this way. Eric Schmidt said, get to the cloud, run to the cloud immediately. I can assure you that our data centers are more HIPAA compliant, more secure, more efficient and better than your data center. Only after you get there will you have access to a host of new capabilities in your data center that you're going to want to tap into the things that scale the cloud brings. Then it moved to more of an application deployment model. Some of us did Workday. Some of us did Box. Some of us did Salesforce and the myriad of other and EHRs are now trying to do deployment models through the cloud. And now it's really changing to an architecture play.
The platforms are allowing us to create new types of applications and in healthcare, there's thousands of applications that still don't live on top of these new models. And therefore they're not open, it's harder to share data. It's harder to do some things. So, my question for you is, have we finally moved beyond the fad stage of the cloud or are we moving to, this is now something that healthcare CIOs should definitely have a strategy for and be moving forward in I don't know, a little bit more of an intentional way?
Well, so I think you've summarized the trends extraordinarily well, which is you move to the cloud, embraced open APIs, have a suite of apps that surround your transactional systems and truly engage patients and providers in novel ways.
All along while adopting machine learning, AI, these newer technologies while keeping everything reliable and secure. But so let's ask where's the cloud great? Where is it not? So, as a CIO, I oversee 145 mission critical applications deployed to 40,000 new users access 12,000 times a second at 450 locations of care.ing or not. It's like not, in:probably a similar age. It's:
You've got APIs and you've got this transactional system running in a place it's very easy to connect to. So for me, I've moved 7 petabytes of patient identified data to AWS. I've moved my production clinical systems where I can. Right that FOXPRO things still can't move where I can to the cloud. And sure I've kept some on-prem because the internet might disappear. I mean, it's not a joke, right? I mean, you're going against North Korea or God only knows what state sponsored cyber terrorist activity to take out I don't know, DNS routing or something. Right. So you got to have some things local, but I really, really try to move things out of my data centers because I want to procure rather than provision services. People say, oh, actually this is not a risk. It's a risk mitigation. Because Amazon has 50,000 employees instead of your 5 are looking at security. When badness happens at the internet, you think Amazon is going to route first or you. It's going to be Amazon that figures out a route around the problem.
Right. So we're doing it. The BAAs are sufficient. The reliability is sufficient, but there's one area that's not sufficient. And that is indemnification. So for fun, go call Jeff Bezos and say, hey Jeff, let's imagine a bunch of Amazon engineers go rogue and suddenly, I don't know the HIV status of government officials is on Facebook. Are you going to indemnify us against that? His answer will be um no.
So you've got BAA. That's great. And you've got highly reliable, highly secure infrastructure, but I'll tell you it just still early. Google, Amazon NTT data, all of them aren't quite yet to what I'm going to call a single standard for paying you should badness happen to your data.
Right. And I'm not sure that's going to change. We did have Workday. We did have Box. We did have Salesforce. Microsoft as well. And we had BAAs with all of them. And when it came down to the indemnification clauses, there's not a single one of them that would sign up for it. And I don't foresee that change changing anytime soon do you?
Well, I imagine there's sort of two models to explore, which is I have a $25 million cyber liability policy from Lloyd's of London. So I say Amazon, Google, NTT data, Microsoft here's my data. Oh and by the way, I will protect around that with a several liability policy. But Michael Dell back when Dell was doing hosting.
Actually interesting thought. He said I can't make it an infinite indemnification, right. That would bankrupt the company. Well, how about this? I'll agree to pay you three times triple damages, over what your contract value is. So you, you invest a million with me. I have a $3 million check headed your way if anything bad happens. Now, obviously that's not exactly as efficient if I have oh I don't know, 2 million patients in that cloud. And the say average cost when you consider litigation media management, credit reporting, forensics, all the risk is 300 bucks per patient. 3 million doesn't go very far.
Right. But one of the things you talked about FOXPRO and we're both programmers probably at a different level. I mean, you programmed an EMR and I used to make applications within FOXPRO. The thing we loved about it is highly, I mean, you could customize the heck out of it.
You could make it do exactly what you want to do. I think this is one of the drivers to the cloud now. Even though when you get Salesforce, you get Salesforce out of the box, but then you have this forced platform on top of it. And now all of a sudden you can build applications that you can really customize the solution, you can bring in IOT data, you can do a whole bunch of things to it. I think this is one of the new drivers to the cloud that we're seeing is that people want to be able to plug in new applications, new thoughts, new things into it.
And the cloud is giving us a new way to do that, that we haven't really had since FOXPRO, to be honest. I mean, people give you the EMR and they're like, here it is. If you want something put in a, a request and maybe the vendor will do it, maybe they won't do it. What are your thoughts on that?
Totally correct. So we call this at a BIDMC the EHR plus strategy. And what does that mean? So it turns out I have five clouds of EHR, right? So I've got an Athena cloud, got an E-clinical works cloud, a MEDITECH cloud, an Epic cloud, some self-built clouds, and they're all FHIR enabled. Right. So what we say to this 26 year old in the garage, you have this beautiful function that doesn't exist in the EHR.
Wow, thanks for tuning in another great episode. If you have feedback for us regarding this content and materials, or if you would like to help us to amplify great thinking to propel healthcare forward, which is our 📍 mission, please send us a note at [email protected] Thanks for listening. That's all for now. 📍