The 4 Cloud Services Myths Holding Your HHS Agency Back

By Don Johnson posted Jan 14,2020 09:51 AM


Don Johnson, CTO and Product Lead, Optum

The 4 Cloud Services Myths Holding Your HHS Agency Back

State health and human services (HHS) agencies are under continual pressure to improve efficiencies and outcomes for those they serve. Agencies have a legacy of deploying complex, monolithic systems that are aging and now difficult and costly to maintain.

While cloud services can be a powerful antidote to enterprise technology issues, misperceptions about them sometimes prevent agencies from adopting these solutions. In a Center for Digital Government survey, 76 percent of state government respondents had migrated 20 percent or less of their systems and applications to the cloud — even though 66 percent said more than 50 percent of their state’s systems and applications could be migrated.

In speaking with agencies, we discovered a few misconceptions of the cloud that are worth debunking to help leaders become more comfortable embracing cloud-based solutions for traditional and often complex legacy systems.

The cloud is less secure than onsite data centers.

Data is often more secure in the cloud than in on-premises data centers, for several reasons:

  • The core business of cloud service providers (CSPs) is infrastructure, platforms or applications. That means they can focus on building security — and multiple controls — into their technology. Even if criminals overcome one security control, other controls are in place to block further progress.
  • CSPs take a single data source and split it across multiple areas, making it difficult for criminals to “reassemble” the data for theft or tampering.
  • CSPs can partition (i.e., wall off) a shared or public cloud so the organization’s assets are insulated from any malicious activity directed at another tenant.

Cloud-based solutions limit customization options.

It’s true that certain controls running underneath cloud-based solutions may be fixed. But that’s because the CSP has optimized the solution for the best possible security configurations. In addition, some workflow processes may be fixed to reflect best practices for HHS organizations. These workflows could be customized, but costs, complexity and deployment time would increase significantly, undercutting the advantages of cloud-based, prepackaged services.

Cloud solutions make sharing data with other states and agencies more difficult.

Data sharing challenges are often related to conflicting security and compliance requirements between different organizations. The key to effective cooperation is first defining the high-level outcomes organizations want to achieve, then developing a collaborative approach that incorporates compliance from the start. This may require working with legal and legislative teams to help them understand the overall picture and adjust policies without compromising compliance or security.

We don’t have the staff expertise to move to the cloud.

Migration to a cloud-based service can unearth challenges and considerations that may have been hidden when an organization hosted its own data center. Luckily many CSPs have personnel and processes to help guide staff through transitions, instill best practices and minimize risk. In addition, many vendors have incorporated processes into their services that handle migration, upgrades and deployment automatically, thus reducing the impact on organizations.

Cloud-based solutions represent the next evolution of healthcare. By improving client outcomes and making experiences better for citizens and employees alike, cloud solutions can help transform HHS agencies legacy technology infrastructure.