Expanding cloud-based services
For states that are struggling with tight budgets, constant demands and limited IT resources, cloud-based services can offer much-needed relief. However, understanding the cloud’s features and benefits — including how cloud approaches provide data security — can seem daunting for states considering cloud-based storage for highly sensitive data, including personal health information.
Cloud-based solutions, such as Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS), are on the rise. While state CIOs understand the value of cloud services, it can be difficult to keep pace with the rapid advances in technology and associated opportunities. In addition, laws, regulations and policies are typically seen as barriers to cloud services.1
It should be recognized that the core cloud concepts of external data and data processing are not a new trend. States have been contracting with third parties to perform off-site data processing for decades:
|Business process||Description||Applications in cloud|
|Insurance for state employees||States contract payers to manage and process health insurance for employees.||State employee PHI and PII data are hosted off site. Employee can access their profile and claims data via secure web portal.|
|Managed Medicaid||States contract payers to manage and process the health insurance for residents.||State residents PHI and PII data are hosted off site. Residents access their profile and claims data via secure web portal.|
|Health information exchange||Payers publish member data to an information exchange for the state.||Member PHI data is stored in an edge server and accessed by the state over the Internet.|
Understanding the cloud — and SaaS
There are many reasons why cloud-based services are an attractive option. Cloud capabilities can be used to build a solution in whole or in part to supplement existing state systems. The term “SaaS,” which is often used interchangeably with the cloud, is actually a piece of software or a set of software solutions delivered over the Internet. To put it simply, SaaS is part of the functionality while the cloud is where the solution resides.
Since the service provider owns and handles the software and hardware, the cloud-based platform provides economies of scale and efficiencies the state could not otherwise obtain.2 This also means the state is not burdened with development costs or risks, nor must it invest in, or be burdened by, constantly changing hardware and software technologies.
Why the cloud makes sense
There are five key reasons that states should consider leveraging cloud-based services:
- Adoption is fast and easy
- Cloud-based service features are continuously updated
- Flexibility is intrinsic to the cloud environment
- Costs are lower
- IT burdens can be shifted
Data security in the cloud
Data stored in the cloud does not necessarily pose a bigger risk than internally stored data. Cloud providers actually have great incentive — and substantial means — to invest in data backup and security, as their business depends on the data remaining secure. Going a step further, cloud providers must prove, on a routine basis, that they can protect a state’s data, and that those protections can withstand audits and federal government scrutiny.
Taking a deeper dive into cloud functionality will help policy makers and others better assess the actual risk, and envision a future where server assets can securely and efficiently migrate to the cloud, where elastic capacity reshapes and redefines states’ core competencies, and where significant cost savings can be achieved.
To learn more about the benefits and capabilities of cloud-based services, please download our white paper, “Expanding cloud-based services allows states to be flexible, efficient and save tax dollars.”
- Meredith Ward, Senior Policy Analyst, NASCIO, “Capitals in the Clouds. Part V1: Cloud Procurement: From Solicitation to Signing,” NASCIO Cloud Computer Services, (2014).
- Center for Digital Government, “Best Practice Guide for Cloud and As-a-Service Procurements” (Sept. 10, 2014).