Enabling Data as a Service for Healthcare Providers

White Paper

Enabling Data as a Service for Healthcare Providers Revision: 3 August 2011 You can find the most up-to-date technical documentation at: http://www.delphix.com/support The Delphix Web site also provides the latest product updates. If you have comments about this documentation, submit your feedback to: help@delphix.com 2011 Delphix Corp. All rights reserved. The Delphix logo and design are registered trademarks of Delphix Corp. in the United States and/or other jurisdictions. All other marks and names mentioned herein may be trademarks of their respective companies. Delphix Corp. 275 Middlefield Road, Suite 50 Menlo Park, CA 94025 www.delphix.com

Enabling Data as a Service for Healthcare Providers

The American Recovery and Reinvestment (ARRA) Act of 2009 introduced sweeping reforms in the healthcare sector. One of its major provisions was the creation of financial incentives for migration from paper or homegrown systems to integrated, standards based Electronic Health Record (EHR) systems by 2014. In fact, a 2010 survey showed that EHR deployments topped the list of priorities for healthcare IT teams. This trend is ushering the healthcare industry into the big data era with many benefits in the areas of medical data exchange, diagnoses error reduction, and overall patient care quality. Digitized data, however, is accompanied by clear challenges and obstacles that must be addressed in order to benefit from the next generation of healthcare technology.

Data Management Inefficiencies

The adoption of commercial standards based EHR applications introduces significant hardware, software, storage, and database costs. The sheer volume of data also necessitates more manpower to manage applications and underlying data stores. In this context, organizations need to consider not only the production database but also the numerous copies required for application development, QA, support, training, reporting and other purposes. In an Enterprise Strategy Group survey, over 50% of respondents indicated they create up to 10 copies of their production database for secondary usage. In healthcare, lengthy data retention periods and consumer rights to request comprehensive access reports, as mandated by the HIPAA Act, lead to data being stored in online, analysis- friendly databases. Associated database costs are compounded for healthcare providers because data schemas and formats vary from one department to another (e.g. radiology vs. oncology). It is not uncommon for a large hospital to use dozens of different clinical application vendors. On the backend, these applications may require supporting different databases and even specific versions. The multiplying effect of a heterogeneous application environment, long retention periods, and numerous production copies makes database overhead costs a barrier to EHR adoption. Largely a non-profit industry, the healthcare provider sector cannot assume its IT budgets will grow at the rate of digital data. Realizing the benefits of electronic medical records will require technology that allows healthcare data to scale without proportional increases in data management costs.

Application Lifecycle Paralysis

Just as soon as healthcare providers bear the infrastructure capital costs for new EHR systems, they will have to face the unavoidable operational costs and process inefficiencies that accompany big data transformations. Beyond the initial rollout, providers will need to contend with increasing data analysis requests for proactive diagnostic data mining, hospital efficiency reporting, and clinical studies. Similarly, end users will push for access to functionality available in new versions of clinical, billing, and other applications. For IT data management teams, this translates into more database copies and frequent refreshes for development, testing, staging, assurance, support, reporting, training, etc. Yet, today, the average enterprise can take several weeks just to provision a single database copy into a new environment. Many healthcare organizations are also considering SaaS EHR applications offered directly by clinical application vendors or their partners. While cloud based offerings enjoy greater efficiencies in data management from economies of scale, the service levels they guarantee are inherently limited by the same database management challenges. To truly deliver data as a service and meet end user expectations, healthcare IT teams need far more agility regardless of whether the data is stored in traditional data centers or pushed to the cloud.

Uncontrolled Proliferation of Sensitive Data

The huge market for stolen identities has made healthcare organizations a target of cybercriminals looking to breach any data that can be a source of profit, including medical records, patient or doctor identifiers, demographic information, as well as financial accounts stored to facilitate patient payments. A related consequence of the sharp rise in medical data breaches is increased regulatory oversight. For example, HIPAA, which mandates due diligence in securing medical records, has been reinforced by stronger penalties as well as stringent audit and breach disclosure requirements. Healthcare providers face unique challenges in maintaining patient data privacy and meeting regulatory audit requirements. Rotating nurse and doctor shifts along with emergency data access make it very hard to define and enforce tight access controls. Instead, providers have to rely on broad access followed by close auditing after the fact to determine unauthorized access. The challenge of securing medical data is magnified by the large number of clinical applications and database copies that are spawned to support the application lifecycle or reporting requests. The benefits of digitization in healthcare can easily be offset by security and privacy risks if providers do not have visibility and control over highly personal and sensitive medical records across production and supporting copies of patient databases.

Delphix Data as a Service Platform

Delphix uniquely addresses the data management, application agility, and data control challenges through patent-pending database virtualization technology that enables delivery of Data as a Service. Delphix software can be rapidly deployed on standard hardware, virtual machines, or in the cloud. It then uses an agent-less and non-invasive approach of connecting to a production database through standard APIs, without requiring any production database changes. The connection is initially used to create a single full copy of the database files and logs. Through intelligent filtering and compression, Delphix can deliver up to 75% data reduction even during its initial database load. Thereafter, Delphix follows user-defined synchronization policies to keep a TimeFlow, or recording of changes, to keep pace with the production database. The full database copies normally created for development, testing, etc. generally have 90% or more overlap in data. Delphix minimizes storage overhead, however, by only requesting and recording changed data and log blocks. This approach also reduces the load on production databases compared to the prevailing practice of full data dumps. The biggest efficiency and agility gains, however, come from Delphixs ability to combine its TimeFlow with the shared footprint from the initial database load. This capability enables Delphix to instantly provision or refresh full read- write virtual databases (VDBs) from any point in time within a defined retention window. Consolidation of Non-production Databases

Increased IT Efficiency
Consider a hospital with just a dozen clinical, billing, scheduling and other applications. With the industry average of 9 database copies to support each applications lifecycle, the hospital IT staff quickly ends up with over 100 databases to manage. The sheer manpower, storage and other infrastructure costs associated with provisioning and refreshing 100 databases can be overwhelming. The Delphix database virtualization solution cuts through this all-consuming exercise and injects dramatic efficiencies into the healthcare providers IT staff and budget.
5

10x infrastructure and storage costs savings through elimination of redundant data 20x time savings from self-service database provisioning, refresh, and rollback Re-focus IT manpower on higher value projects that improve care delivery

Application Lifecycle Agility

Now consider a large hospital system concerned about the competitive edge a neighboring caregiver is gaining through public declarations of higher efficiency and lower misdiagnosis resulting from its recent EHR rollout. The hospital chain puts together a project plan for its own EHR rollout, but the pressure to upgrade other applications, the complexity of integrating patient data from legacy patient data silos, and long change management processes result in a 12- month plan with no hope for catching up within the fiscal year. Self-service VDB provisioning with Delphix can reverse such agility dilemmas by accelerating application delivery and ongoing troubleshooting. Similarly, tedious data integration projects can be simplified with the LogSync capability of Delphix, which LogSync: Time Machine for Databases can provision multiple VDBs all at the exact same point in time.

2x faster rollouts and upgrades of applications Reduced application risk from rapid troubleshooting Simplified integration of data across production sources

Secure and Controlled Sensitive Data

A hospital in a major urban area regularly serves local celebrities from the entertainment industry and local sports franchises. The hospital enforces security controls on its primary patient database but is unable to track or protect the proliferating database copies used for testing, training, and other purposes. A HIPAA audit points out the glaring omission and also catches cases of celebrity, neighbor, and other snooping in these secondary physical database copies. Delphix inherently reduces the risk of security and privacy breaches by avoiding uncontrolled physical database copies and instead relies on a single authoritative master copy along with subsequent changes. It has full control and awareness of all VDBs created and also provides complete audit logging to track provisioning, refresh, and delegation tasks by privileged users. Additionally, Delphix supports industry leading data masking and obfuscation tools from Oracle, Informatica, and IBM, which enable it to create secure VDBs for non-production use.
6

Data privacy and security without reduced usability or time to delivery Assurance of full control and auditing over privileged user actions Elimination of sensitive data in VDBs through support for data masking tools

Summary
The healthcare provider sector has a clear opportunity to modernize care delivery by adopting new data interchange standards and EHR systems. The resulting data explosion, however, also introduces significant data management overhead, application rigidity, and data privacy risks. The Delphix Data as a Service platform uniquely addresses these challenges and creates an accelerated path for providers to realize the benefits of the impending digital transformation. Request an assessment and pilot by contacting us at sales@delphix.com or visit us at http://www.delphix.com for more information.
2011 Delphix Corp. All rights reserved. Specifications subject to change without notice. All information in this data sheet is strictly confidential. Please do not copy or distribute to other parties.