This article can also be found in the Premium Editorial Download "Storage magazine: Storage managers give thumbs up to IP storage."
Download it now to read this article plus other related content.
For decades, data storage at the average health care institution was low tech: Stacks of file folder-stuffed boxes were tucked away in some out-of-the-way rooms. Over time, the logistics of dealing with the accumulated volume of patient records, even in microfiche format--as well as a not-so-gentle nudge from the federal government in the form of HIPAA--propelled health data into the digital age.
Compounding the storage problem are medical technology advances like MRIs, as well as a growing number of network connections to pharmacies, other health care organizations and physicians. Add in the fact that HIPAA requires some patient records to be accessible for up to 21 years. Then throw in dramatically increased requirements for security and patient confidentiality, and it all adds up to a recipe for a health care storage emergency.
HIPAA raises the bar
Whether by direct order or inference, there's no denying that HIPAA has upped the storage ante for health care providers. For example, the Commonwealth Health Corp., Bowling Green, KY, has three medical campuses with a total of 537 beds. CIO Matt Ebaugh estimates his storage at about 1TB, which is growing at 10% a year.
That's about average, says Hardy North, Dell Computer Corp.'s director of business development for health care. "Providers in the 200 to 300 bed range typically approach a terabyte in storage needs."
Bill Lazarus, assistant VP of IS technology
Andy Porter, senior engineer at St. Vincent's Hospital in Indianapolis says, "In the past, there was no hard and fast rule about how long you needed to keep data around. There were some JCAHO [Joint Commission on Accreditation of Health care Organizations] guidelines, but not everyone subscribed to them." HIPAA storage retention guidelines, for example, suggest five years for mammograms, 10 years for adult records and 21 years for pediatric care patient records. Even though Porter feels that the clarity of HIPAA's storage guidelines "is about 10 degrees worse than IRS regulations," he errs on the cautionary side."
Couple the HIPAA guidelines, Porter adds, "with PACS [Picture Archiving and Communication System], where the images are getting larger." For example, a technician can take a CT scan, slice it up in different ways and do a three-dimensional modeling of it. That takes massive amounts of storage, he says, and if it's involved in a patient diagnosis, it's data that must be kept. Currently, St. Vincent's utilizes 45TB on two storage area networks (SANs) and about 18TB in direct-attached storage (DAS).
Adding to the storage bulk is the necessity to transfer paper-based patient records to disk--a labor-intensive and costly process. One option is to scan in old documents as images. The last option is to simply ignore old records.
St. Joseph's is letting the old data sit. Lazarus says a majority of his departments don't see value in pulling that data forward at the expense of their existing storage capacity.
This was first published in March 2004