- More healthcare organizations want increased flexibility from their IT infrastructure and are looking to adopt healthcare IaaS solutions to move parts of their environment to the cloud.
Infrastructure as a service (IaaS) is different from software-as-a-service (SaaS) and platform-as-a-service (PaaS) because it includes hardware and software components, giving administrators more control over their cloud environment. IaaS gives organizations self-service options, broad network access, resource pooling, and elasticity. Many IaaS solutions may include PaaS and SaaS solutions as part of their deployment.
Gartner defines IaaS solutions as “a standardized, highly automated offering, where compute resources, complemented by storage and networking capabilities, are owned by a service provider and offered to the customer on demand.”
IaaS solutions give IT administrators a deeper control over their infrastructure with more cloud components. This means IaaS providers have a broad set of solutions collectively working together to form the IaaS deployment.
Organizations also have access to self-service interfaces for web-based deployments as well as application programming interfaces (APIs) for app building. IaaS is also available in both public and private cloud offerings.
According to the Northwest Regional Telehealth Resource Center, IaaS is a solid option for organizations that allows organizations to do the following:
- Facing the expense of a technology or hardware refresh.
- Ready to implement EHR solutions that require complex environments.
- Short-staffed due to changing needs or loss of experienced IT professionals.
- Desiring a disaster recovery environment outside their own region.
- Concerned about ePHI security or other compliance issues (HIPAA compliant providers).
- Seeking a more predictable cost structure.
IaaS essentially takes the physical deployment and on-site maintenance out of the IT infrastructure. For example, IaaS server solutions allow organizations to rent off-site servers for an agreed upon scheduled payment. This payment includes server maintenance which takes the worry and effort out of the hands of on-site staff. As an organization grows, more server space can be rented.
The ability to expand server space without investing in hardware is critical for entities that need to grow their infrastructure to meet increasing digital demands. IaaS makes it easier for organizations to replace legacy systems with the most current equivalent in the cloud and gives them the opportunity to use the latest cloud-based technology provided by the vendor.
Instead of owning the hardware and performing maintenance, the vendor maintains the solution. Repairs or reconfigurations don’t need to be performed on-site, saving organizations time and money on technicians. IaaS allows for a more predictable cost structure because unexpected service malfunctions are rare and repairs are included in the flat rate paid every payment period.
Implementing IaaS solutions makes it easier for organizations to add additional cloud deployments onto their infrastructure smoothly. IaaS also simplifies how organizations can add tools to their cloud infrastructure.
Vendors offer varying IaaS solutions that can be deployed together to build a custom cloud environment. However, it’s important that organizations pay attention to all their tools to ensure that their entire IaaS environment is HIPAA compliant.
“HIPAA a dangerous and very vast term and healthcare organizations should always be leery of anyone selling a HIPAA compliant solution. Even if a solution enables you to use it in a compliant manner, it doesn't necessarily mean it solves the compliance problem for you,” Forward Health Group CTO Jeff Thomas told HITInfrastructure.com.
“When looking at a cloud vendor, some of their tools might be vetted to ensure HIPAA compliance, but not every tool may be from that vendor, so you really need to look at it,” Thomas continued. “‘Solution A’ may enable your HIPAA compliance, but ‘technology B’ is part of that solution and it’s not HIPAA compliant.”
According to Gartner, IaaS providers will most likely be specific about which parts of their solution have been assessed by a third-party organization and are FedRAMP approved. The FedRAMP program is a government program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud solutions and deployments.
Gartner added that these solutions are usually HIPAA compliant, but organizations still need to discuss their solution and implementation at length to ensure that all parts of the cloud environment are HIPAA compliant.
Organizations that want to have more control over their cloud environment, desire more than just implementing a SaaS solution, and are looking to cut down on staff and hardware costs will benefit from IaaS solutions.