Emerging Trends in Infrastructure & Operations for Healthcare

Healthcare has traditionally been an industry that has taken a conservative approach to adopting new technologies and platforms (i.e. public cloud) due to the unique nature of having to deal with patient care and the security and privacy concerns around handling and storing patient data.  In the past decade, healthcare companies have had to “take off the training wheels” when it comes to embracing new technologies in order to enhance patient care, streamline operations, and ensure data security in an ever-changing technological landscape.  Whether you are a community hospital, medical equipment manufacturer or another healthcare related business, the market is very competitive.  Healthcare related organizations cannot afford to take a “wait and see” approach when it comes to embracing new technologies in order to give them a competitive advantage, improve business resilience, and build a more mature cybersecurity posture.  As we move into 2024, let’s explore the top trends shaping information technology (IT) infrastructure and operations within healthcare organizations. 

Top Trends in Infrastructure & Operations for Healthcare

Data Security

As healthcare organizations become increasingly digitized and begin undertaking Generative AI initiatives, cybersecurity remains a top priority with data security still top of mind. Protecting patient data from breaches and ensuring compliance with regulations (such as HIPAA) are critical. Expect investments in robust security measures, including encryption, intrusion detection systems, and employee training.  Organizations also need to make sure that their data is classified and secured before enabling internal or external Generative AI solutions (i.e. Microsoft Copilot for Microsoft 365) that can potentially leak sensitive data to the wrong audience.  Luckily, there are several, mature data security platforms in the market that make classifying data and applying appropriate access control to the data more straightforward than trying to do it manually.  These data security platforms are very flexible and can work with data that is stored on-premise or in the public cloud.

Public Cloud Maturity

Due to initial security and data privacy concerns, healthcare organizations were typically slower to begin putting workloads into the public cloud until the major hyperscalers matured their native security capabilities.  Now that the main public cloud providers have robust and mature native security solutions, most healthcare organizations are comfortable leveraging public cloud for a portion of their environment and even putting sensitive data workloads in public cloud.  As healthcare entities become more mature in the Public Cloud, there will be more scrutiny on cloud costs and workload placement to make sure that the monthly cloud bill doesn’t get out of hand and make sure that cloud-based workloads are close enough to important data sources to maintain good application performance.  Organizations that have matured in the public cloud are also looking at leveraging more than one Public Cloud vendor to avoid vendor lock-in and for disaster recovery purposes.  Healthcare companies are also heavily leveraging Software as a Service (SaaS) platforms for health information systems, human resources, and information technology management platforms.

Edge Computing

Edge computing brings processing power closer to the data source, reducing latency and improving real-time decision-making. In healthcare, this translates to faster diagnostics, remote monitoring, and efficient management of IoT devices (such as wearables and sensors).  Edge use cases in healthcare can include branch offices and clinics, telehealth, on-site practitioners, and Internet of Medical Things (IoMT) like MRI and X-ray machines.  Gartner predicts that more than 50% of all data will be stored outside of the core data center by 2025, which means that healthcare organizations may need to adapt their Edge infrastructure strategy to account for this type data growth and processing needs.  There are hyperconverged infrastructure platforms that can help organizations bring compute and storage to the Edge while keeping the total cost of ownership (TCO) low from a cost and administration standpoint.

Generative AI & Machine Learning

Healthcare is an industry that is already embracing generative AI and machine learning for improving patient care, making better financial decisions, and many other use cases.  Generative AI and machine learning require a higher level of processing power to train large language models or parse through large data sets.  Healthcare generates massive amounts of data daily. Leveraging advanced analytics and AI algorithms, organizations can extract valuable insights from electronic health records (EHRs), medical images, and patient histories. Predictive analytics can improve patient outcomes, optimize resource allocation, and enhance decision-making.  Most healthcare organization will need to decide on whether to build or buy the infrastructure required for AI\ML initiatives and whether they want to use their internal data for large language models or acquire external data for model training, etc.  Another key decision is whether to run these workloads in the public cloud or on-premise.  It may make sense to initially build out Generative AI environments in the public cloud to prove out the platform and then migrate to an on-premise environment when it is production ready.

Data Protection \ Ransomware Readiness

Cyberattacks have been identified as a top threat in many healthcare systems’ annual hazard vulnerability analyses (HVA) by medical health experts experienced in cybersecurity preparedness. To be better prepared here you should understand historical and current attacks and learn from their subsequent lessons. Implementation of security measures to prevent the introduction of malware, including ransomware. Focus on a robust security strategy involves maintaining data integrity. Regularly verify data accuracy, prevent unauthorized changes, and ensure data remains reliable even during cyberattacks. Look at a rapid recovery model, having effective recovery processes is crucial. This includes business continuity planning, downtime recovery procedures, and ensuring constant surveillance of the system.

Business Resiliency

Healthcare companies today face a growing number of disruptions that impact their operations. From shortages of critical materials to data security issues, the challenges are significant. To thrive in this environment, health care organizations must identify the most important disruptions they face and assess their potential impact. By doing so, they can build the necessary capabilities to mitigate these disruptions.

The most resilient health care organizations have seen impressive year-over-year revenue growth, emphasizing the importance of building resilience in today’s business landscape. Some of the areas of focus should be strategic and operational planning, understanding the risks and challenges specific to your organization and developing strategies to address them. Continuously monitor and evaluate key result areas, regular assessments help identify vulnerabilities and areas for improvement. Implement robust health information systems to track data, trends, and potential risks. Embrace innovation to adapt to changing circumstances. Explore modern technologies, processes, and approaches that enhance resilience.

Addressing Technical Debt

Technical debt is a concept that applies to various industries, including healthcare. It refers to the choices made to delay necessary maintenance or replacement of IT systems, which can eventually impact an organization’s operations. In healthcare, organizations often rely on legacy software applications and outdated medical devices, leading to technical debt. As healthcare continues its digital transformation, balancing debt remediation with new platform investments becomes crucial.  Addressing technical debt usually starts with acknowledging that there is a technical debt issue before trying to tackle it.  The next step is to identify areas of technical debt within your organization and rank their impact on existing processes and practices.  Successful IT leaders in healthcare and other industries can take this prioritized list and communicate to the executive team that the cost of not addressing technical debt for the highest rated technical debt risks will actually be more expensive in the long run than addressing technical debt in a staged approach.  If an outdated, but high-risk platform that doesn’t have any resiliency built into it goes down for an extended period of time, the financial and reputational loss is likely to be more expensive to the organization than it would have been to update the underlying technology as part of a phased technical debt remediation plan.

Healthcare related Infrastructure & Operations range of projects:

VMware Alternative Migration

With the uncertainty of Broadcom and VMware of what will be removed from a ESXi perspective. customers are looking to alternative solutions that are feasible to migrate to and ready for a healthcare specific model. One solution is Hyper-V by Microsoft, which is included in Windows Server and Windows 10/11. Hyper-V allows healthcare organizations to create and manage virtual machines, clusters, and networks using a graphical interface or PowerShell commands. Hyper-V also supports Linux and Windows guests, live migration, failover clustering, and integration with Azure cloud services.

Another would be to look at KVM, a Linux kernel-based platform.  KVM enables healthcare organizations to create and manage virtual machines using command-line tools or graphical interfaces such as Virt-Manager or oVirt. KVM supports Linux and Windows guests, live migration, load balancing, and integration with OpenStack cloud platform.

Nutanix platform utilizing hypervisor AHV would be a recommended choice to migrate from VMware if the budget allows for HW re-platforming.  Nutanix has built-in tools for easy migration and a full encompassing solution to manage the entire infrastructure.  With built-in Lifecycle management, single click updates for both software and hardware, Nutanix would make true ease of management for an IT department.

Windows Operating Systems Upgrades:

Many healthcare organizations face difficulty with windows operating systems upgrade due to assorted reasons. Some of the familiar challenges are compatibility issues with legacy software, security risks, budget constraints, and staff training. It requires careful planning, testing, and implementation to avoid potential problems and disruptions.  Here are some tips to help healthcare organizations successfully upgrade:

Application Compatibility:

• Challenge: Healthcare organizations often rely on specialized software applications for patient management, billing, electronic health records (EHR), and more. Ensuring these applications are compatible with the new Windows version is crucial.
• Strategy: 
  • Assessment: Conduct a thorough assessment of existing applications. Identify any compatibility issues and prioritize critical applications.
  • Vendor Communication: Engage with software vendors to verify compatibility and obtain necessary updates or patches.
  • Testing: Test applications on a non-production environment before rolling out the upgrade. Address any issues proactively.

Data Migration and Backup:

• Challenge: Migrating data from older systems to the new Windows version can be challenging. Data loss during migration is a significant risk.
• Strategy: 
  • Backup: Ensure robust data backups before starting the upgrade process.
  • Data Mapping: Create a detailed map of data sources, including databases, files, and user profiles.
  • Migration Plan: Develop a step-by-step migration plan, including data validation and verification.

User Training and Adoption:

• Challenge: Healthcare staff may be accustomed to the previous Windows version. Transitioning to a new interface can cause confusion and productivity loss.
• Strategy: 
  • Training: Provide comprehensive training sessions for end-users. Cover new features, shortcuts, and security practices.
  • User Champions: Identify power users or “champions” who can assist colleagues during the transition.
  • Feedback Loop: Establish a feedback mechanism to address user concerns promptly.

Security and Compliance:

• Challenge: Healthcare organizations handle sensitive patient data. Ensuring security and compliance during the upgrade is critical.
• Strategy: 
  • Security Baseline: Define a security baseline for the new Windows version. Implement features like BitLocker encryption, Windows Defender, and Group Policies.
  • HIPAA Compliance: Align with HIPAA requirements by configuring access controls, auditing, and encryption.
  • Regular Audits: Conduct regular security audits post-upgrade to verify compliance.

Storage Upgrades to All-Flash and Encryption at Rest

Healthcare IT is a demanding sector that requires high performance, reliability, and security for its data storage needs. One of the ways to achieve these goals is to upgrade the storage infrastructure to all-flash arrays, which offer several benefits over traditional hard disk drives (HDDs) or hybrid systems. Some of the benefits are: 

• Faster Data Access: All-flash arrays can deliver data at speeds up to 100 times faster than HDDs,              which means faster response times for applications, analytics, and patient care.
• Lower Power Consumption: All-flash arrays consume less power than HDDs, which reduces the              operational costs and the environmental impact of the data center.
• Higher Reliability: All-flash arrays have no moving parts, which reduces the risk of mechanical                 failures, data corruption, and downtime. They also have built-in features such as encryption,                 deduplication, and compression that enhance data security and efficiency.
• Greater Scalability: All-flash arrays can easily scale up or down to meet the changing demands of the healthcare IT environment, without compromising performance or quality. They also support multiple protocols and platforms, which enables interoperability and flexibility.

Encryption at rest is especially important for healthcare IT, as it deals with sensitive and personal information of patients and providers. Healthcare data is subject to various regulations and compliance standards, such as HIPAA and GDPR, that require data protection and privacy. Encryption at rest helps healthcare IT meet these requirements and avoid potential fines and reputational damage.  It will reduce the risk of data breaches and cyberattacks, which can have serious consequences for patient safety, quality of care, and trust. Encryption at rest allows healthcare IT to leverage the benefits of cloud computing without compromising data security.