HITRUST is becoming one of the most important pivot points for any enterprise healthcare cloud strategy. We’ve seen this first hand ourselves, time and time again.
Innovative health IT programs typically face three blockers when trying to adopt AWS:
Internal IT closely guards available resources. They push projects to internally owned and managed hard drives and CPU cores. When moving to the cloud, those initiatives can be viewed as “Shadow IT” because of the DevOps and cloud engineering resources needed outside of their control.
Internal Compliance does not approve of the low levels of liability taken on by AWS. Under AWS’s Shared Responsibility Model, roughly 1/10th of compliance controls are taken on by them (mostly the physical level and firewall). The other 9/10ths are major gaps that are now the organization’s responsibility. Not cool in their book.
Internal Security is often aligned with Internal Compliance. They view a presence on AWS as a new threat vector. While AWS themselves have some of the best infrastructure security measures in the world, the operating system level is still the responsibility now of the organization to secure. That’s a lot of work and a lot of liability! Typically it’s a problem requiring hard-to-find resources like cloud engineers—a luxury in health IT.
All combined, most healthcare enterprises are blocked from adopting AWS. David Deas, Corporate Director of Innovation and Knowledge Analytics at Method Le Bonheur, articulated this exact pain while giving a talk at last year’s re:Invent conference:
Enter HITRUST, the on-ramp for AWS
For the David Deas’s of the world, HITRUST has been a godsend.
For three years in a row, Datica has been Stage 3 CSF Certified on top of AWS. Our Platform absorbs all liabilities for compliance on the cloud, which extends AWS’s excellent coverage for compliance of the cloud.
Healthcare enterprises have taken note. They look to Datica to give assurances to those three internal stakeholders, which in turn green light adoption of AWS for innovative projects.
Internal IT trusts Datica’s cloud management, effectively eliminating the “Shadow IT” concern while simultaneously alleviating their burden to always “rob Peter to pay Paul” with hard drives and CPUs.
Internal Security and Internal Compliance both view HITRUST as the highest standard of security and compliance in the industry. By partnering with Datica, all their concerns go away.
The result is that people like David Deas who can get meaningful work done fast, are making a genuine impact on the lives of patients while reducing clinical costs.
Live presentation for those who can’t make it at HIMSS
If you are not attending HIMSS this year, or if you are unable to make the 11:00 am time slot on Tuesday, March 6th, we are holding a 30-minute webinar later in March to expand on Travis’ presentation. Please join us if you can’t visit us in person at HIMSS.
While you’re at HIMSS make sure to also visit the Datica booth, #5077. See you at HIMSS!