e-Health Cloud Implementation Issues and Efforts

Download PDF
7 downloads 263 Views 319KB Size Report
Comment
and organizational issues hindering the implementation of e- health cloud. Section V discusses the current status of adopting cloud computing in Healthcare.
Proceedings of the 2015 International Conference on Industrial Engineering and Operations Management Dubai, United Arab Emirates (UAE), March 3 – 5, 2015.

e-Health Cloud Implementation Issues and Efforts Noura Al Nuaimi, Asma AlShamsi, Nader Mohamed

Jameela Al-Jaroodi

United Arab Emirates University Al Ain 15551, UAE {Noura.alnuaimi, 200424736, nader.m}@uaeu.ac.ae

University of Pittsburgh Pittsburgh, PA 15260, USA [email protected]

Abstract—The healthcare industry is facing several challenges and significant pressure to decrease the costs associated with providing healthcare services, adopt new electronic healthcare systems, and communicate data quickly and securely with other healthcare and government agencies. Recently, the healthcare industry started perceiving cloud computing as a solution for its elasticity, scalability and universal access to the medical data anywhere and anytime needs. This paper illustrates the concept of electronic healthcare (e-Health), highlights the technical and non-technical issues of migrating to cloud computing solutions. Furthermore, the paper illustrates different solutions of cloudbased e-Health implementations to compare these efforts with the current issues. Keywords— e-Health; healthcare; cloud computing; security; privacy

I. INTRODUCTION The healthcare industry is challenged by significant pressures to decrease the costs associated with providing healthcare services, adopt new electronic healthcare systems, and communicate data quickly and securely with other healthcare professionals and government agencies. Traditionally, the healthcare industry has not been quick to accept new technologies for infrastructures that support backoffice operations. Many hospitals and medical care organizations keep their servers and desktops two to three years longer than average for non-healthcare organizations [1]. However, recently, governments and healthcare authorities in different countries are encouraging healthcare organization to adopt different e-Health solutions like electronic health records (EHR), health information exchanges (HIE) and business intelligence or analytics tools. Yet, the high cost of adopting supporting infrastructures to achieve this goal is very high. Consequently, many healthcare organizations are considering the move to cloud computing to resolve different issues that are facing them such as changing the history of healthcare data and leveraging the high costs. Cloud computing can enable focusing the healthcare organizations efforts on healthcare services and improving patient care. Moreover, cloud computing has the potential benefit to help healthcare organizations reduce the huge budget needed to migrate all the IT infrastructures to provide integrated services cross many organizations. In addition, the cloud delivers access to hardware, software, IT knowledge &

978-1-4799-6065-1/15/$31.00 ©2015 IEEE

resources and services, all in a better and more economical approach. Due to the many and considerable advantages of e-health cloud, there are significant efforts to implement and adopt ehealth cloud solutions by multiple healthcare organizations and countries. In addition, there are significant research efforts to address the issues facing e-health cloud implementations. This paper studies the current issues facing e-health cloud implementations and the current efforts being studied to solve these issues. The rest of the paper is organized as follows. Section II provides background information about the e-Health concept and Section III discusses background information about cloud computing. Section IV lists and discusses the technical and organizational issues hindering the implementation of ehealth cloud. Section V discusses the current status of adopting cloud computing in Healthcare. Finally, Section VI provides some discussions while Section VII concludes the paper. II. ELECTRONIC HEALTH The term “eHealth,” “e-Health” or “electronic Health” integrates a set of concepts, including health processes and information, technology, and commerce [2]. e-Health refers to healthcare as a process rather than an outcome. The World Health Organisation defines it as “e-Health is the costeffective and secure use of information and communications technologies in support of health and health-related field, including healthcare services, health surveillance, health literature, and health education, knowledge and research” [2]. Likewise, the European Commission defines e-Health very generally as “The use of modern information and communication technologies to meet needs of citizens, patients, healthcare professionals, healthcare providers, as well as policy makers” [2]. Norman el Skinner [3] defines eHealth as “The concept of e-Health literacy is introduced and defined as the ability to seek, find, understand, and appraise health information from electronic sources and apply the knowledge gained to addressing or solving a health problem.” The European Commission’s e-Health Taskforce Report describes the term e-Health as a collection of the following four interrelating categories [4]: 1) Clinical Information Systems, is described as either specialised tools for healthcare professionals within care institutions (e.g. hospitals) or tools for primary care and/or for outside car

2) e institutions. Examples of specialised tools are Radiology Information Systems, Nursing Information Systems, Medical Imaging, Computer Assisted Diagnosis, Surgery Training and Planning Systems. In addition, general practitioner and pharmacy information systems can be considered as tools for primary care and/or for outside care institutions. 3) Telemedicine and homecare systems including personalised healthcare systems and services like disease management services, remote patient monitoring, teleconsultation, tele-care, tele-medicine, and tele-radiology. 4) Integrated regional/national health information networks in addition to distributed electronic health record systems, associated electronic health record systems and associated services like e-prescriptions or ereferrals. 5) Secondary usage non-clinical systems which consist of three categories. The first category is systems for health education and health promotion. The second is specialised systems for researchers and public health data collection and analysis. These are the systems which support clinical processes but are not used directly by patients or healthcare professionals.

Fig. 1. Electronic Health Types.

The "e" in e-health does not only stand for "electronic," but implies a number of other e’s such as [5]: 1) Efficiency: increasing efficiency in healthcare means decreasing costs and efforts by eliminating duplicate/overlapping or unnecessary diagnostics or therapeutic interventions by enhancing communication between healthcare professionals and patients. 2) Enhancing quality of care by allowing comparisons between different providers and guiding patients to the best quality providers. 3) Evidence based effectiveness and efficiency would not be assumed but confirmed by rigorous scientific evaluation. 4) Empowerment of consumers and patients by making the knowledge bases of medicine and personal electronic records accessible over the Internet.

5) Encouragement of new relationships between the patients and healthcare professionals where decisions are shared. 6) Education of healthcare professionals through online sources. 7) Enabling information exchange and communication in a standardized way. 8) Extending the opportunity of healthcare beyond its conventional boundaries. 9) Ethics: e-health involves new types of patient-physician interactions and brings new challenges and threats to privacy and ethical issues. 10) Equity: to make healthcare more equitable is one of the promises of e-health. III. CLOUD COMPUTING: A NEW ECONOMIC PARADIGM Cloud computing is the fifth generation of computing [6] where it started with centralized mainframes, personal computing, client-server computing, web-based systems, and recently cloud computing which aims to be a global trend. Cloud computing is all about hosting and delivering ondemand services over the Internet. This feature gets most stakeholders' attention. R. Buyya [7] defines cloud computing as “A Cloud is a type of parallel and distributed system consisting of a collection of interconnected and virtualized computers that are dynamically provisioned and presented as one or more unified computing resources based on service-level agreements established through negotiation between the service provider and consumers.” Another definition from the National Institute of Standards & Technology (NIST) states [8]: “Cloud Computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources that can be rapidly provisioned and released with minimum management effort and service provider interaction.” NIST defines the following characteristics for the cloud: 1) On-demand self-service: A customer can allocate and de-allocate computing capabilities and resources such as server time and network bandwidth. 2) Broad network access: Resources are accessible over the network through standard mechanisms that promote use by heterogeneous thin or thick client platforms. 3) Resource pooling: Cloud providers serve multiple consumers through sharing resources and costs. Thus, the infrastructure can be centralized. This increases capacity and improves utilization efficiency. 4) Rapid elasticity: Another synonym for rapid scalability, where the cloud can meet large/rapid variations in user demands immediately. 5) Measured service: Cloud computing can be financed by a metering capability in a “pay as you go” model. Furthermore, cloud computing includes four deployment models: 1) The private cloud is operated and managed exclusively by one consumer (usually owns the cloud).

2) The community cloud is shared by several organizations within a single community like the health or education community or even government organizations. 3) The public cloud is owned by one organization (service provider) and is made available to all clients. 4) The hybrid cloud is a composite of two or more of the other cloud types. Cloud computing has three main famous models as figure 2 shows: Software as a Service (SaaS), Platform as a Service (PaaS) and Infrastructure as a Service (IaaS) [6], [7] and [8] 1) Infrastructure as a Service (IaaS) offers on-demand provisioning of infrastructural resources either as logical infrastructures like virtual machines (VM) or physical infrastructure like processors, storage and network access. Consumers are billed on a pay per use basis. For example, Permivault from FUJIFILM Medical Systems U.S.A., Inc. offers cloud-based image archiving [9]. Other examples include Amazon Simple Storage Services (Amazon S3) [10] where customers pay based on storage capacity used and Amazon Elastic Compute Cloud (Amazon EC2) [11] where customers use and pay for computing resources by the hour. 2) Platform as a Service (PaaS) provides platform resources which include operating systems and software development frameworks that allow users to develop their own cloud-based healthcare applications. Examples of PaaS providers include Google App Engine [12], Microsoft Windows Azure [13] and Force.com [14]. 3) Software as a Service (SaaS) refers to providing ondemand applications over the Internet. The cloud provider owns the applications and the users pay a fixed subscription fee. Examples of SaaS providers include Dell Unified Clinical Archive [15], MIMcloud by MIM Software [16], PicomCloud [17], Cloud PACS from ScImage, Inc. [18]. Cloud Clients “Healthcare Consumer” Web browser, mobile app, thin client …

SaaS Application

Healthcare application like HIS, EMR, HER, EPR, RIS, PACS

Platform

Execution runtime, database, web server, develop tools, …

Infrastructur

PaaS IaaS Virtual machines, servers, health data storage, load, balancers, …

Fig. 2. Cloud Services for HealthCare.

IV. E-HEALTH CLOUD COMPUTING IMPLEMENTATIONS ISSUES Issues in e-health cloud implementations can be divided into three categories: technical issues, organizational issues, and quality of service issues. We will discuss these categories in this section.

A. Technical Issues Although huge advances in technology have been made, cloud computing and e-health in particular still face several issues that must be addressed to provide usable and efficient solutions. 1) Security and Privacy Issues Security issues [19]: Security in the cloud is a very important aspect that needs to be carefully considered during the implementation of an e-health cloud. There are different service models for organizations to choose from when deciding to implement e-health on the cloud like SaaS, PaaS and IaaS. In addition, there are different deployment models including private, public, community and hybrid. However, whatever the choices, there are some security challenges that need to be addressed for those who decide to implement e-health on the cloud. There are well-known security issues in cloud computing from data encryption, authentication, authorization and fraud detection to prevent potential attacks. For example, when dealing with the Application Programming Interface (API), the providers of cloud computing will provide a set of Key Performance Indicators (KPI) to the customers to interact with the healthcare services through the APIs. These KPIs should be secure and accessible enough to deal with. The APIs must be designed to set controls for accessing the data in the cloud. Also, they should allow cloud users to delegate access to other resources and other users. APIs should have a level of assurance (LoA), which control access to the data. Moreover, APIs should allow requesters to set their roles and attributes from many authority sources. Access and Identity management [20]: Many users can access the cloud from various locations and due to the sensitivity of the data involved, identity and access should be securely managed. Permissions and rules should be assigned to users to ensure the authentication and the authorizations of users and data. Safeguarding Data Security [21]: The security issue in cloud computing starts from the point where the data, operating systems and related infrastructures are controlled by a third party outside the healthcare organization. The worries rise further in case of outsourcing these services outside the country "offshore." Brand Hacking: This is the case when a hacker hacks popular brands. As a result, customers may be wary of whether or not they can trust cloud computing and keep their information and products in the cloud. However, in terms of a small organizations, there will be no branding benefits for getting hacked [21]. 2) Service Delivery and Billing Issues Regulations Constraint [22]: Cloud computing should align with the policies and comply with the healthcare authorities and practices. For instance, Health Insurance Portability and Accountability Act (HIPAA) and the Personal Information Protection and Electronic

Documents Act (PIPEDA) require health data to be processed in certain prescribed means. Moreover, it needs to take into account the regulations of the countries where the cloud computing providers host their servers and what are the regulations relating to personal data. 3) Interoperability and Portability Issues Healthcare organizations are looking for easy access, cost-effective, and flexible configurations for cloud computing services. These can be obtained by involving inter-cloud connectivity and/or some connections among cloud computing and other e-health services provided by other systems [22]. Services for the e-health Cloud can be provided from multiple cloud service providers. For example, one can provide processing services for high resolution medical images while another provider may provide data storage and other services for storing patient electronic records or data mining and analysis services. The main issue is how to easily integrate these services which requires a good degree of interoperability. Interoperability involves defining an agreed-upon framework or open protocols/APIs that enable easy servers and data integration among different cloud service providers [23]. The common frameworks or protocols should also include mechanisms for secure information exchange and services’ integration. The issue of interoperability is also faced when integrated ehealth cloud services are provided from both local and external clouds. For example, some e-health functions can be developed by integrating local and external services. These e-health cloud services cannot be formed easily unless there is a good degree of interoperability among the local and external service providers. A good degree of interoperability can also facilitate easy migration among different available systems. Data migration between an old local application and a new ehealth cloud can be simplified if open protocols and APIs are provided. One approach is to utilize the concept of Service-Oriented Architecture (SOA) [24] [25] for implementing the e-health cloud. SOA aims to make services available and easily accessible through standardized models without having to worry about the underlying infrastructures, development models or implementation details. This helps achieve interoperability and loose coupling among e-health cloud components and also among e-health cloud users. 4) Performance vs. Cost Issues Most healthcare providers require good performance of the e-health cloud services. Service performance is crucial for healthcare providers who cannot effectively operate unless their applications and patients’ data are readily available when needed. The e-health cloud services should be available continuously with no

5)

6)

7)

8)

interruptions or performance degradation. Having high performance services can be costly. A trade-off between acceptable performance level and service cost is needed. Cloud Vendor lock-in Cost Issue Cloud Vendor lock-in is identified as proprietary lock-in or customer lock-in where healthcare organizations depend on a specific cloud vendor for services. When a healthcare organization decides to switch to another vendor, switching cost shows up. Switching to a lowercost cloud provider is easy as the switching cost is low, while switching to higher cost vendors will incur more costs. A second form, vendor lock-in, occurs when technologies become extensively used within healthcare organizations. As an example SaaS can have a serious impact on the ability to switch cloud providers. Data Management Huge medical data is expected to be collected and stored in the cloud from different healthcare providers via different technologies. The objective is to have high reliability and better access at different locations and across large geographic distances. Thus, the cloud is challenged to offer secure storage over public clouds, fault tolerance, and rich query languages that allow efficient and scalable facilities to retrieve and process the application data [26]. Scalability and Flexibility Massive users from the healthcare domain are expected to use the cloud services, where this can be only achieved by scalability of services. Cloud scalability could be empowered by increasing the ability of the IT resources like compute nodes, network connections, and storage units and providing suitable operational and management facilities. Besides that, scalability requires dynamic configurations, reconfigurations, an automatic resizing of used virtualized hardware resources and maintaining an acceptable level of performance regardless of the size and utilization levels of the services. In addition, flexibility means the ability of cloud providers to serve multiple healthcare providers with different requirements in terms of functions, operations, users, auditing, management, and quality of service (QoS) requirements [26]. Maintainability The Cloud is challenged by the daunting task of maintaining its resources and services. As the infrastructure and services grow to meet customer needs, it becomes harder and more complex to maintain them while preserving the same levels of performance. The complexity of the maintenance arises from the different requirements and characteristics of the multiple healthcare services providers and clients. These requirements could be completely different in the cloud infrastructures, software, or platforms [26].

B. Organization Issues Organization issues could be more challenging than technical ones, where they affect the acceptance of cloudbased application. 1) Supervisory Control Consider the internal organizational factors, KhajehHosseini et al. [27] claim that adopting cloud computing will transfer some authority roles of IT employees, and traditional IT departments will be obsolete. Cloud computing will change the role of the central IT department. Compliance departments also will not have the same privileges which may result in changes in their working practices. In addition, the political implications on healthcare organizations in case of losing their control over some of critical services are an issue. On the other hand Siddiqi [21] presents external factors. For instance, selecting cloud set-up, facing the objections, fear of the unknown and acquiring knowledge all could be barriers to adopt cloud computing in healthcare organizations. 2) Acquiring Knowledge and Expertise Healthcare organizations may not have the needed knowledge and expertise among their employees. This can add difficulties while implementing cloud solutions and training employees on the new set of processes and tools of cloud based solutions. 3) Top Management Support At organizations, the human factor is a critical one that affects the organization’s culture. Top management support could provision the success of implementing new technologies. This can be achieved by aligning the cloud adoption plan with the strategic plans of the healthcare organization and the wellbeing of the employees. 4) Healthcare Organization Change Any organization has its own culture, polices and employees moral, where transferring to new technology should consider how the employees would be affected by the change. Healthcare organizations should plan a smooth transition to the new process and structure. Examples of such changes could be in the form of new policies, procedures and workflows in addition to changes in medical processes and documentation methods [26]. 5) Business Process Reengineering (BPR) BPR is the analysis and redesign of workflow within and between healthcare organizations. Implementing cloud based solutions in healthcare organization is challenged by the modifications in workflow. Healthcare organizations should be willing to change their workflow to fit the cloud technology with minimum customization. The quality of the business process review and redesign is important.

C. Service Quality Issues 1) Contract with Provider Cloud computing contracts combine outsourcing, software and leasing, where they concentrate on servicelevel agreement (SLA) guarantees. The challenge here is how to deliver the same contract for all customers, where cloud providers cannot provide each customer with a different SLA [27]. 2) Regulation Constraint Regulations Constrain where cloud computing should align with the policy compliance of healthcare authorities and practices. For instance, Health Insurance Portability and Accountability Act (HIPAA) and the Personal Information Protection and Electronic Documents Act (PIPEDA) require health data be processed in certain prescribed means. Besides that, it is needed to take into account the regulations of the countries where the cloud providers host their servers and what are the regulations relating to personal data [22]. 3) Reliability and Availability Issues The healthcare domain has special requisite on the data reliability and availability, where data in healthcare may affect the patient’s life. Cloud providers are challenged to increase the availability and reliability of their services. In addition, healthcare organizations will be challenged on choosing the suitable SLA [22]. V. CURRENT STATUS OF ADOPTION CLOUD COMPUTING IN HEALTHCARE There are various efforts for implementations of healthcare solutions using cloud computing. These can be classified into three categories: (1) electronic health records; (2) medical image archiving; and (3) physician collaboration solutions. A. Cloud-Based Electronic Health Records Lin et al. [28] illustrate an EHR system developed in China to solve the challenges of preventive medicine and management of chronic diseases. The healthcare system based on a Cloud-computing architecture was developed and deployed in Xilingol county of Inner Mongolia. The system used several computing resources to deliver services over the healthcare network using the Internet. There are some challenges to the system like integrating different levels of the healthcare system which makes it difficult for officials in obtaining the information needed to implement public health efforts and to manage chronic diseases. Rodriguez-Martinez et al. [29] illustrate MedBook, a platform to exchange HERs and billing activities to assists patients, healthcare providers, and healthcare players collaboration and information exchange. MedBook has the compliance advantage as it matches the US HIPAA standardization and privacy. MedBook is a SaaS platform built on top of open source cloud technologies and running

atop an IaaS platform. The platform offers the full benefit of cloud computing. The server applications are implemented using different web services and web applications, Python, Django, PostgreSQL, HBase, and the Apache web server in order to benefit from each technology. MedBook uses Ubuntu Linux 10.04 for security assurance and MedBook Eucalyptus 2 for management and resource allocation which is considered one of the challenges in cloud computing. MedBook is built using free cloud technology that grants users the freedom of customization, modification and distribution. On the other hand, MedBook has limitations on its privacy and legislation status since its built using open source cloud computing. Barua et al. [30] illustrate Patient-centric Access Control (ESPAC), an efficient and secure scheme that offer selfcontrolled access privileges for access of highly sensitive Personal Health Information (PHI). ESPAC ensures achieving the security standards by allowing data requesters to have different access privileges based on their roles. ESPAC has advantages of granting different access rights to individual users based on their attributes and roles. It also provides data outsourcing services and increase security by using encrypted data over the cloud. Hus et al. [31] propose a solution for protecting personal health records in the cloud by encrypting patient data before sending them to the cloud. The solution proposes two encryption keys. The first key is owned by the user called “a right-to-decrypt code”, while the second key is called “a substitute-key-half code.” Thus, patient data stored in the cloud will be secure and will not be disclosed to anyone without proper authorization. Fernández-Cardeñosa et al. [32] introduce a cloud-based solution for different scenarios of an EHR management system. The proposal covered a large hospital and a network of Primary Healthcare center. They estimated the cost of the implementation using the Amazon calculator tool. EHRs with no images have been migrated to the Cloud environment, because of the large size of the DICOM images. They said that the implementation might be dependent on the bandwidth of the center and the amount of money that health centres want to spend. Arshdeep Bahga et al. [33] propose a cloud healthcare information systems technology architecture (CHISTAR) that addresses the key requirements of HIPAA and HITECH. B. Cloud-Based Medical Image Archiving Yang et al. [34] illustrate Medical Image File Accessing System (MIFAS) in the cloud. The solution facilitates retrieving, sharing and storing medical images among medical providers and patients. MIFAS builds on the Hadoop platform to resolve the exchange, storage, and sharing difficulties. MIFAS benefits from Hadoop’s feature to process large data sets in a distributed computing environment. The solution has the advantages of scalability, cost effectiveness and replication from using Hadoop. MIFAS offers painless methods to add nodes with Hadoop and rapid data transfer rates in terms of efficiency. MIFAS resolves the reliability issue through Hadoop that allows the

system to continue operating in case one of the nodes fails. On the other hand, the limitation can be noticed regarding the security as Hadoop has a limited security model and does not have storage or network level encryption. Boiron et al. [35] illustrates the French Ministry of Health project: Filmless Region is a program launched around 2009 to handle the use of Picture Archiving and Communication Systems (PACS), Radiological Information Systems (RIS) and archiving of medical images between healthcare providers. The program offers three types of cloud-based services: (1) An archive for facilities that already have a RIS and PACS; (2) PACS software with an online archive for prefetching, acquisition, and viewing of images; and (3) RIS and PACS software. The solution gains its benefits by allowing healthcare providers and professionals to access images, share the access with colleagues or view records from home. Also, having shared data between healthcare providers allows sharing efficient workflows in PACS and RIS services. The system benefits of cloud computing in saving costs, where it uses the “pay as you go” billing model priced by exam and is subject to the platform fulfilling stringent service level agreements. Ved et al. [36] propose TPHRS, a cloud computing based system that allows different authorized users to securely access patient records at any time and from anywhere. The system stores data in a cloud-based architecture. The proposed system uses passwords to ensure secure access and only registered users are allowed to access the system. C. Cloud-Based Physician Collaboration Chen et al. [37] illustrate an Intelligent Information System for Maternal and Child Healthcare developed to overcome the limitations of healthcare resources in China. The system works as a bridge between pregnant women and their healthcare providers. It provides first-aid, medication reminders, medical guides, remote consultation and healthcare management. Pregnant women obtain their physical signs data (such as temperature, blood pressure, heart rate, blood sugar, and electrocardiogram) by sensors that they wear and send them via smart phones to the data center. The solution inherits the advantages of the Google File System which is a scalable distributed file system to provide efficient, reliable access to data in large distributed applications. GFS has high availability through fast recovery, master replication and data integrity. Patrick et al. [38] suggest a model of e-health in the cloud. This model was designed to be implemented in Ghana as it has one of World’s major shares of illnesses and a low doctor-to-patient ratio coupled with the lack of proper healthcare facilities. The e-health solution aims to reduce the problems in the e-health sector. It was implemented in two main areas: private and public cloud. The Private cloud contains three Servers which are to be maintained to help separate tasks. It assumes that EHRs, Personal Health Records (PHR), and Hospital Information Systems (HIS) must have dedicated Servers/Virtual Machine Servers and are to be hosted in the Private cloud.

Wooten et al. [39] present Husky Healthcare Social Cloud, a cloud-assisted healthcare social networking system and access control technique. In this system the users communicate with each other via a connection to a server secured with the SSL protocol located in the cloud. The Husky solution has the advantages of cost savings and scalability. The solution is planned to be open to the general public to analyze its usability and performance. On the other hand, there is a possible downtime as the Husky model focused on the security protocol and forgot the reliability of the Internet connection. When the internet is down all the services that are provided by Husky will be down too. Thilakanathan et al. [40] propose a health monitoring system that will allow patients to share their health data with medical professionals in a secure and confidential way. The key feature of the system is its ability to handle large data sets and efficient user revocation. The developed system ensures a secure data sharing protocol that will allow private and secure sharing of data in the Cloud. C. Rolim et al. [41] propose an integrated telemedicine service ITS that automates the process of collecting patient's vital data from bedside via a network of sensors connected to legacy medical devices, and provides this information to the medical center’s “cloud” for storage, processing, and distribution. The proposed system has benefits of providing real-time data gathering and eliminating manual work. However, the use of sensors and patient safety could arise as challenges for this proposed system as not enough details are provided. B. Reddy et al. [42] propose a design of a Cloud framework for Health Monitoring System (CHMS). It gathers patients health data, publishes them to a Cloud based Telemedicine Repository (TMR) to simplify data analysis via services hosted in the Cloud. The proposed CHMS has the advantages of facilitating data analysis via the cloud and supporting remote consultation between patients and medical professionals. However, there is no real implementation that reflects the efficiency of proposed system. Thuemmler et al [43] discussed how to apply e-health data in the cloud in a secure way. They used FI_STAR architecture, which is a hybrid cloud approach, used to increases system performance and security levels. They argued that Hybrid Clouds are powerful architectures and capable of executing the Software-to-Data paradigm in real world environments. They summarized the benefits of Hybrid Clouds in a way that it will improve privacy protection and governance. It will provide QoS confidence for healthcare providers and patients. It will allow healthcare providers the autonomy to work off-line. Moreover, Software-Defined Networking (SDN) using technologies such as Open Flow to integrate the Internet of Things as an integral part of the Future Internet. Juha and Leena [44] used telemedicine as a cloud-based multinational ecosystem. They argued that telemedicine has a lot of problems, which prevent its success. But it can be solved through training as the incorrect use of the new technology may lead big failures and may ruin the whole

ecosystem. Moreover, they argued that the new telemedicine practices may significantly change the daily duties of the personnel of the health posts, the health centers and the consulting physicians. Also, the big challenge might be that it is difficult to change the mind-set of the involved healthcare personnel. Almutiry et al. [45] focus on data quality in generic information systems. They studied the data quality aligned with the data consumers in e-health. They suggested a framework that concerns Data Quality in the context of electronic healthcare systems. The proposed framework is based on filtering the existing data quality dimensions and testing their appropriateness to the nature of e-health systems. VI. DISCUSSION The healthcare industry is starting to take some steps towards utilizing and incorporating cloud computing systems as they could see the benefits of doing so. Adopting cloud computing technologies in e-health systems will improve the quality of medical services and the efficiency of operations. It will also facilitate sharing data across multiple geographic locations and among multiple users within a single or different healthcare organizations. Adopting cloud-based solution will offer better cost management and will reduce the need for technical staff and technology support within the healthcare organizations. Furthermore, access to the healthcare information will be made easier anywhere anytime for all people involved in the healthcare organizations. Despite the rapid adoption of cloud-based solutions in many other industries, the healthcare domain has been slow in moving to cloud computing. Table 1 provides a summary of the current efforts in adopting e-health cloud solutions and their challenges. The reason behind this is the importance of patient’s data integrity and privacy in this domain. The patient’s data in the healthcare industry is critical, where security and availability have the highest concern. There is a panic of the unknown and concerns as to how the security requirements could be translated to the cloud environment. However, there are commitments from the leaders of cloud computing (e.g., Microsoft [46], Google [47], and Amazon [48]) to provide suitable policies and practices to secure customer’s data and preserve privacy. Besides that some countries may impose general regulations to protect patients’ data. As an example, the United States and Canada have their own regulations (HIPAA [49] and PIPEDA [50]) to protect cloud users’ data security and privacy. Correlated with security, availability of the data is an important second challenge. Healthcare providers need to access their patients’ data all the time and immediately. The cloud often covers this requirement, but there remain concerns about accessibility of data on an automatic basis, with consistent reliability. Another high priority issue is the migration and licensing challenges of the cloud. Healthcare providers for sure will not move to the cloud in one step. They will do it in a planned multi-step way by migrating some existing applications into the cloud and keeping others in their data

VII.

centers based on use and requirements. Another concern is raised when transferring from one cloud vendor to another, where currently there is no standards to help resolve this conflict. Beyond these technical challenges, the organizational challenges like organizational change and how to adapt the healthcare organization to the cloud culture also contribute to the slow adoption of cloud-based solutions in e-health. Moving to the cloud will impact the healthcare organizations’ staff knowledge, competency and roles. Small healthcare organizations could adapt more easily than large ones, especially if we consider the potential savings of the high investment needed to keep their own systems and data centers. In general, the cloud will expand in e-health possibly slowly and only if cloud providers are ready to adjust their approaches to the unique challenges of the e-health domain to create “win-win” situations for both sides. By addressing the different challenges and offering workable solutions that most (if not all) healthcare organization can agree upon, the process will be accelerated. With the suitable cloud-based services, e-health will become more efficient, less costly and highly and securely accessible for all e-health users.

CONCLUSION

In this paper, we presented some of the issues that obstruct the implementation of e-health systems on the cloud. We reviewed different implemented or proposed cloud-based solutions for e-health systems. As we described these solutions, we studied the issues that might face them during the implementation in the Cloud. Each of the approaches discussed had its advantages that allow it to become a successful model for certain requirements. However, each one also had some issues that represent a challenges for the healthcare organizations and cloud service providers. We classified the issues into three different categories: technical, organizational and quality of service issues. To address the challenges all parties involved need to work together to create uniform and interoperable solutions that will allow for better e-health cloud systems. Generally, the current efforts are in the right direction, yet we predict it will take more time and efforts to arrive at flexible, adaptable approaches that will lead to complete adoption of the e-health cloud.

TABLE I: CHALLENGES INFLUENCING THE ADOPTION OF E-HEALTH CLOUD SOLUTIONS

ERR MedBook ESPAC EPR HER CHISTAR MIFAS Filmless TPHRS IISMCH HIS Husky HMS ITS CHMS FI_STAR Juha and Leena Almutiry et aI

[28] [29] [30] [31] [32] [33] [34] [35] [36] [37] [38] [39] [40]

[41] [42] [43] [44] [45]





Regulation Constraint

Reliability and Availability

Contract with Provider (SLA)

Cloud Service Quality Challenges

Process reengineering

Organization change

Top management support

Acquiring Knowledge and Expertise

Supervisory Control

Maintainability

Scalability and flexibility

Cloud Organizational Challenges

Data Management

Performance and Bandwidth Cost Challenges

Interoperability and Portability Challenges (Integration)

Service Delivery and Billing Challenges

Security and Privacy Challenges

Ref

Projec/t Title

Cloud Technical Challenges



√ √ √ √









√ √ √

√ √





√ √

√ √ √

√ √ √ √ √



REFERENCES [1] Focus Research, “The Cloud Computing Guide for Healthcare,” The Cloud Computing Guide for Healthcare, 2012. [2] H. Oh, C. Rizo, M. Enkin, and A. Jadad, “What is eHealth (3): a systematic review of published definitions,” Journal of medical Internet research, vol. 7, no. 1, 2005. [3] C. D. Norman, and H. A. Skinner, “eHealth literacy: essential skills for consumer health in a networked world,” .Journal of medical Internet research, vol. 8, no. 2, 2006. [4] eHealth Industries Innovation, “What is eHealth?,” eHealth Industries Innovation (ehi2) Centre, [Online]. Available: http://www.ehi2.swan.ac.uk/en/what-is-ehealth.htm. [Accessed 3 Apr 2014]. [5] G. Eysenbach, “What is e-health?,” J Med Internet Res, vol. 2, no. 20, p. 3, 2001. [6] R. P. Padhy, and M. R. Patra, “Evolution of Cloud Computing and Enabling Technologies,” International Journal of Cloud Computing and Services Science (IJ-CLOSER), vol. 14, pp. 182198, 2012. [7] R. Buyya, C. S. Yeo, and S. Venugopal, “ Market-oriented cloud computing: Vision, hype, and reality for delivering it services as computing utilities,” High Performance Computing and Communications, 2008. HPCC'08. 10th IEEE International Conference on, 2008. [8] P. Mell, and T. Grance, “The NIST definition of cloud computing (v15)," , Tech. Rep., 2009,” National Institute of Standards and Technology, vol. 15, pp. 1-3, 2009. [9] “Permivault,” [Online]. Available: http://www.permivault.com/. [10] Amazon, “Amazon Simple Storage Service (Amazon S3),” Amazon.com, [Online]. Available: http://aws.amazon.com/s3/. [Accessed 16 Jan 2014]. [11] Amazon, “Amazon Elastic Compute Cloud (Amazon EC2),” Amazon.com, [Online]. Available: http://aws.amazon.com/ec2/. [Accessed 16 Jan 2014]. [12] Google, “Google App Engine,” Google.com, [Online]. Available: https://developers.google.com/appengine/?csw=1. [Accessed 16 Jan 2014]. [13] Mircosoft, “Microsoft Windows Azure,” Micosoft.com, [Online]. Available: http://www.windowsazure.com/en-us/. [Accessed 16 Jan 2014]. [14] Sale Force, “Salesforce CRM,” Force.com, [Online]. Available: http://www.salesforce.com/platform. [Accessed 16 Jan 2014]. [15] “Dell Medical Archiving (PACS, RIS/HIS) | Dell,” [Online]. Available: www.dell.com/learn/us/en/70/healthcare-medicalarchiving. [16] “MIM Software - Press Release - MIMcloud 2.0,” [Online]. Available: www.mimsoftware.com/about/mimcloud20. [17] “PicomCloud,” [Online]. Available: www.picomcloud.com/. [18] “Cloud PACS | ScImage, Inc.,” [Online]. Available: www.scimage.com/cloudPACS.html. [19] S. Marston, Z. Li, S. Bandyopadhyay, and J. Zhang, “ERP on Cloud: Implementation strategies and challenges. In Cloud Computing Technologies, Applications and Management,” IEEE Cloud Computing Technologies, Applications and Management , pp. 56-59, 2012. [20] L. Yan, C. Rong, and G. Zhao, “Strengthen cloud computing

[21]

[22]

[23]

[24]

[25]

[26]

[27]

[28]

[29]

[30]

[31]

[32]

[33]

[34]

[35]

[36]

security with federal identity management using hierarchical identity-based cryptography,” Cloud Computing, pp. 167-177, 2009. Q. Zhang, L. Cheng, and R. Boutaba, “Implementation challenges of cloud computing,” in Pakistan CIO Summit & Expo, Karachi, 2013. W. Liu, and E. K. Park, “e-Healthcare cloud computing application solutions: Cloud-enabling characteristices, challenges and adaptations,” Computing, Networking and Communications (ICNC), vol. 1, no. 10, pp. 437 - 443, 2013. B. P. Rimal, A. Jukan, D. Katsaros, and Y. Goeleven, “Architectural requirements for cloud computing systems: an enterprise cloud approach,” Journal of Grid Computing, vol. 9, no. 1, pp. 3-26, 2011. J. Al-Jaroodi and N. Mohamed, “Service-oriented middleware: a survey,” Journal of Network and Computer Applications, vol. 35, no. 1, pp. 211-220, 2012. D. K. Nguyen, F. Lelli, and M. P. Papazoglou, “Blueprinting approach in support of cloud computing,” Future Internet, vol. 4, no. 1, pp. 322-246, 2012. E. AbuKhousa, N. Mohamed, and J. Al-Jaroodi, “e-Health cloud: opportunities and challenges,” Future Internet, vol. 4, no. 3, pp. 621-645, 2012. A. Khajeh-Hosseini, I. Sommerville, and I. Sriram, “Research challenges for enterprise cloud computing,” arXiv preprint arXiv, vol. 3257, p. 1001, 2010. W. Liu and E. K. Park, “e-Healthcare Cloud Computing Application Solutions: Cloud-enabling Characteristices, Challenges and Adaptations,” 2013 International Conference on Computing, Networking and Communications, Cloud Computing and Networking Symposium, 2013. M. Rodriguez-Martinez et al., “MedBook: A Cloud-Based Healthcare Billing and Record Management System,” IEEE 5th International Conference in Cloud Computing (CLOUD), pp. 899-905, 2012. M. Barua et al., “ESPAC: Enabling Security and Patient-centric Access Control for eHealth in cloud computing,” International Journal of Security and Networks, vol. 6, no. 2, pp. 67-76, 2011. Y. C. Hsu and J. J. Hwang, “Controlling Decryption of Personal Health Records in the Cloud,” in Proceedings of the International Conference on IT Convergence and Security, Netherlands, 2011. G. Fernández-Cardeñosa et al., “Analysis of cloud-based solutions on EHRs systems in different scenarios,” Journal of medical systems, vol. 36, no. 6, pp. 3777-3782, 2012. A. Bahga and V. K. Madisetti, “A Cloud-based Approach for Interoperable Electronic Health Records (EHRs),” Biomedical and Health Informatics, vol. 17, no. 5, pp. 894 - 906, 2013. C. T. Yang et al., “Implementation of a medical image file accessing system on cloud computing,” IEEE 13th International Conference in Computational Science and Engineering (CSE), pp. 321-326, 2010. P. Boiron and V. Dussaux, “Healthcare Software as a Service: The Greater Paris Region Program Experience-The So-called “Région Sans Film” program,” 2011 15th IEEE International Enterprise Distributed Object Computing Conference Workshops, pp. 247-251, 2011. R. Hillestad et al., “Personal Health Record System and Integration Techniques with Various Electronic Medical Record

[37]

[38] [39]

[40]

[41]

[42]

[43]

[44]

[45]

[46]

[47]

[48]

[49]

[50]

[51]

[52]

Systems,” 2011 IEEE 13th International in High-Assurance Systems Engineering (HASE) Symposiu, 2011. L. Chen et al., “An Intelligent Information System for Maternal and Child Health Care,” IEEE 35th Annual in Computer Software and Applications Conference Workshops (COMPSACW), pp. 441-445, 2011. R. Bedeley and P. Palvia, “E-Health Dedicated Hybrid Cloud: a Solution to Ghana’s Health Delivery Problems,” 2012. R. Wooten et al., “Design and Implementation of a Secure Healthcare Social Cloud System,” 12th IEEE/ACM International Symposium In Cluster, Cloud and Grid Computing (CCGrid), pp. 805-810, 2012. D. Thilakanathan et al., “A platform for secure monitoring and sharing of generic health data in the Cloud,” .Future Generation Computer Systems, 2013. C. O. Rolim et al., “A Cloud Computing Solution for Patient's Data Collection in Health Care Institutions,” in ETELEMED '10. Second International Conference on eHealth, Telemedicine, and Social Medicine, 2010, St. Maarten, 10-16 Feb. 2010. B. E. Reddy, T. V. S. Kumar, and G. Ramu, “An Efficient Cloud Framework for Health Care Monitoring System,” in International Symposium on Cloud and Services Computing (ISCOS), 2012 , Mangalore, 2012. C. Thuemmler et al., “Applying the Software-to-Data Paradigm in Next Generation E-Health Hybrid Clouds,” in Information Technology: New Generations (ITNG), 2013 Tenth International Conference on, Las Vegas, NV, 2013. J. Puustjarvi and L. Puustjarvi, “Designing a cloud-based multinational telemedicine ecosystem for developing countries,” in IST-Africa Conference and Exhibition, IST-Africa, 2013. O. Almutiry, G. Wills, and A. Alwabel, “Toward a framework for data quality in cloud-based health information system,” in Information Society (i-Society), 2013 International Conference on. IEEE, Toronto, ON, 2013. Microscoft Corp, “Privacy in the Cloud: A Microsoft Perspective,” Nov 2010. [Online]. Available: http://www.microsoft.com/privacy/cloudcomputing.aspx. [Accessed 14 Jan 2014]. Google Privacy Center Google, “Privacy Policy,” Google, 3 Oct 2010. [Online]. Available: http://www.google.com/intl/en/policies/privacy/. [Accessed 14 Jan 2014]. Amazon Web Services, “AWS Privacy Notice,” Amazon, 1 Oct 2008. [Online]. Available: http://aws.amazon.com/privacy/. [Accessed 14 Jan 2014]. US Department of Health & Human Services, “Health Information Privacy,” HHS.Gov, 1996. [Online]. Available: http://www.hhs.gov/ocr/privacy/. [Accessed 14 Jan 2014]. MoJ, “Personal Information Protection and Electronic Documents Act (PIPEDA),” Minister of Justice, Canada, 1 Jan 2011. [Online]. Available: http://laws-lois.justice.gc.ca/PDF/P8.6.pdf. [Accessed 14 Jan 2014]. SAP, “SAP Business ByDesign,” SAP.com, [Online]. Available: http://www.sap.com/pc/tech/cloud/software/businessmanagement-bydesign/overview/index.html. [Accessed 16 Jan 2014]. K. Häyrinen, K. Saranto, and P. Nykänen, “Definition, structure, content, use and impacts of electronic health records: a review

[53]

[54] [55]

[56] [57] [58]

[59]

[60] [61]

[62]

of the research literature,” International journal of medical informatics, vol. 77, no. 5, pp. 291-304, 2008. J. M. Grossman, A. Gerland, M. C. Reed, and C Fahlman, “Physicians’ experiences using commercial e-prescribing systems,” Health Affairs, vol. 26, no. 3, pp. 393-404, 2007. H. Akhlaghi and H. Asadi, Essentials of telemedicine and telecare, Chichester: Wiley, 2002. R. Bose, “Knowledge management-enabled health care management systems: capabilities, infrastructure, and decisionsupport,” Expert Systems with Applications, vol. 24, no. 1, pp. 57-71, 2003. Medscape, Medscape.com, [Online]. Available: www.medscape.com. [Accessed 17 Jan 2014]. MDLinx, MDLinx.com, [Online]. Available: www.mdlinx.com. [Accessed 17 Jan 2014]. M. J. Boniface, T. A. Leonard, M. Surridge, and S. J. Taylor, “Accessing patient records in virtual healthcare organisations,” eChallenges Ljubljana, Slovenia, 2005. G. Phillips et al., “The effectiveness of M-health technologies for improving health and health services: a systematic review protocol,” BMC research notes, vol. 3, no. 1, p. 205, 2010. A. Armoni, Healthcare information systems, London: IGI Global, 2000. C. W. Lin et al., “Empowering Village Doctors and Enhancing Rural Healthcare using Cloud Computing in a Rural Area of Mainland China,” Computer Methods and Programs in Biomedicine, 2013. “The MED (Regional Medical Center at Memphis),” [Online]. Available: www.the-med.org.

BIOGRAPHY Noura Al Nuaimi is pursuing a Ph.D with Dr. Mohammad Mehedy Masud in Information Technology at UAEU. She holds an MSc in Business Administration from Abu Dhabi University and a BSc in Software Engineering from UAEU. Her research interests focus on data mining and knowledge discovery, cloud computing, health information systems, search engines and natural language processing. Asma Al Shamsi is perusing her Master Degree at The Faculty of Information Technology, United Arab Emirates University, UAE. She received the bachelor’s degree in Software Engineering from United Arab Emirates University, UAE. Her research interests are in the fields of Data Mining, Healthcare and Cloud Computing. Nader Mohamed is an associate professor of Information Technology at The College of Information Technology, UAEU, Al-Ain, UAE. He obtained his Ph.D. in Computer Science from University of Nebraska-Lincoln, Nebraska, USA in 2004. Between 2004 to 2006, he was an assistant professor of Computer Engineering at Stevens Institute of Technology in New Jersey, USA. His current professional interest focuses on middleware, cloud computing, sensor networks, unmanned aerial vehicles, internet computing, and networking. Jameela Al-Jaroodi received her PhD. in Computer Science from the University of Nebraska-Lincoln, USA in 2004 and joined Stevens Institute of Technology, New Jersey, USA as a research assistant professor. In 2006 she moved to the College of Information Technology at UAEU, UAE as an assistant professor and later she became an independent researcher. Her research interests involve middleware, distributed systems, and Cloud Computing. She published over 100 refereed articles in international Journals and conferences.

Suggest Documents

e-Health Cloud Implementation Issues and Efforts

e-Health Cloud Implementation Issues and Efforts
Read more
e-Health Cloud Implementation Issues and Efforts

e-Health Cloud Implementation Issues and Efforts
Read more
Cloud Computing Issues at Design and Implementation Levels – A

Cloud Computing Issues at Design and Implementation Levels – A
Read more
Implementation Issues of Variogram Cloud Plots and Spatially Lagged

Implementation Issues of Variogram Cloud Plots and Spatially Lagged
Read more
Scope of Policy Issues for eHealth - Making the eHealth Connection

Scope of Policy Issues for eHealth - Making the eHealth Connection
Read more
DACAR Platform for eHealth Services Cloud - CiteSeerX

DACAR Platform for eHealth Services Cloud - CiteSeerX
Read more
Implementation of eHealth patient–provider ...

Implementation of eHealth patient–provider ...
Read more
Survey of Cloud Computing Issues at Implementation Level - CiteSeerX

Survey of Cloud Computing Issues at Implementation Level - CiteSeerX
Read more
Critical Issues Refraining Implementation of Cloud Computing ... - IJIET

Critical Issues Refraining Implementation of Cloud Computing ... - IJIET
Read more
BUSINESS MODELS FOR SUSTAINED EHEALTH IMPLEMENTATION

BUSINESS MODELS FOR SUSTAINED EHEALTH IMPLEMENTATION
Read more
Architecture, Protocol, and Implementation Issues

Architecture, Protocol, and Implementation Issues
Read more
Traditional and Cloud ERP Implementation

Traditional and Cloud ERP Implementation
Read more
key issues and future perspectives on identity management in ehealth

key issues and future perspectives on identity management in ehealth
Read more
Security, Privacy and Legal Issues in Pervasive eHealth Monitoring ...

Security, Privacy and Legal Issues in Pervasive eHealth Monitoring ...
Read more
Security, Privacy and Legal Issues in Pervasive eHealth ... - IEEE Xplore

Security, Privacy and Legal Issues in Pervasive eHealth ... - IEEE Xplore
Read more
Top rogue cloud issues

Top rogue cloud issues
Read more
eHealth

eHealth
Read more
digital library initiatives and issues in india : efforts on ... - CiteSeerX

digital library initiatives and issues in india : efforts on ... - CiteSeerX
Read more
country profile on: patient safety issues and efforts: malaysia

country profile on: patient safety issues and efforts: malaysia
Read more
eHealth

eHealth
Read more
eHealth

eHealth
Read more
Physician & Community eHealth - eHealth Ontario

Physician & Community eHealth - eHealth Ontario
Read more
Challenges and Issues Within Cloud Computing Technology

Challenges and Issues Within Cloud Computing Technology
Read more
Mobile Cloud Computing: Security Issues and Considerations

Mobile Cloud Computing: Security Issues and Considerations
Read more