Capitalize On Healthcare Mandates

By Jay McCall, Business Solutions magazine

Healthcare is projected to experience significant growth in the next few years, but resellers need to understand key industry drivers before they can cash in.

According to the latest research from Insight Research, providers, payers, and physician groups will be spending more than $69 billion on healthcare-related IT and telecommunications services over the next six years. “This projected growth is primarily due to the demand for numerous applications, including EMRs [electronic medical records], EHRs [electronic health records], CPOE [computerized physician order entry] systems, and other nonclinical systems,” says Erick Knock, director of healthcare at BlueStar. Knock also believes that IT will be the key enabler of improving patient outcomes through better clinical decision making.

On the downside, industry regulations like the Affordable Care Act are actually causing many healthcare organizations to put their budgets on hold. “They are focused on trying to determine what their budgets are going to be,” says Jim Stankevich, CHPA, global manager of healthcare security at Tyco Security Products. “There will always be a demand in the healthcare vertical, but depending on how much hospitals have to spend, security sales could be restricted.” Hospitals don’t know how patient/reimbursement payments are going to be made at this time, and this uncertainty is causing them to be more cautious than ever. Stankevich does believe that hospitals that already had money set aside for major improvements will probably be able to move forward with their security projects. “The reality is that healthcare organizations cannot afford to take a reactive approach to IT security; there is simply too much at stake,” says Gadi Piran, president of OnSSI.

Healthcare Mandates, Your Customers, And You
One of the key IT buying characteristics in healthcare revolves around industry mandates. Sometimes this works against resellers, as was already mentioned above, but oftentimes it can be a positive. “One of our channel partners recently shared that one of their not-for-profit healthcare clients, who relies on grant money, was mandated to implement a BDR [backup and disaster recovery]/business continuity solution in order to receive the grant money,” says Tom Simon, director of sales at Datto.

According to BlueStar’s Knock, three of the most significant market drivers within healthcare IT are the American Recovery and Reinvestment Act (ARRA), Health Information Technology for Economic and Clinical Health (HITECH, passed as part of ARRA), and the Patient Protection Affordable Care Act (PPACA). “These government regulatory and legislative actions, as well as financial incentives, are driving providers to examine new technologies that improve both utilization and patient outcomes. Since 2009, ARRA has funded approximately $30 billion in incentive programs to support funding for EMRs.”

If there’s one technology that cuts across nearly every aspect of healthcare, it’s mobility. “With the proliferation of mobile devices and the increasing use of tablets and smartphones to deliver bedside care and access patient information, the complexities of managing access to strictly personal health information and protecting against data breaches have only increased,” says Pavan Vyas, product marketing manager at Asigra.

Data breaches today are frequent and can come from a variety of sources — attacks from malicious software; missing or lost tape drives; stolen or lost laptops, tablets, or smartphones; and lost paper documents. “A healthcare breach can lead to millions of dollars in fines and remediation costs,” says Vyas. “This potential threat presents an opportunity to service providers who can help their customers become compliant and protect their data.”

Vyas advises solutions providers to keep security standards top of mind at all times. “A good backup and recovery platform should encrypt data at its source using a NIST [National Institute of Standards and Technology] FIPS [Federal Information Processing Standards] 140-2-certified algorithm, such that the data is encrypted both when traversing through public networks and when stored in the backup repository.” The NIST FIPS 140-2 certification is a necessary condition to achieve compliance with regulations such as HIPAA in the United States and the PIPEDA (Personal Information Protection and Electronic Documents Act) in Canada. “Also, by leveraging technologies such as deduplication and compression, service providers can help reduce the network and storage costs for healthcare organizations facing the challenges of burgeoning data growth.”