New regulations mandate the digitization and retention of medical records, leaving hospital IT pros looking to...
cut costs by centralizing image archives. But there are many technical and political hurdles to overcome.
Hospital and medical center IT departments are struggling to control the storage of electronic medical images as new regulations require digitization and retention of medical records. Many of the issues related to these efforts will be familiar to enterprise IT pros in other industries, from application integration and centralization of IT assets for delivery as a service to internal customers, to coping with regulatory requirements that contribute to data growth.
But when it comes to the healthcare sector, the same decisions are magnified because the business is literally life and death. Hospital IT managers say that in addition to technical integration issues, interdepartmental politics, and the question of who will assume the risk for the creation and preservation of medical image data make the effort to bring image data under more efficient centralized control an uphill battle.
As healthcare IT has evolved, users say data storage systems for different imaging systems, such as X-rays and cardiology images, have been purchased by the department running each picture archiving and communication system (PACS) application, and are often sold by PACS vendors as turnkey packages that include storage hardware. Today, large medical centers are contending with growing islands of storage while coping with shrinking budgets. As regulations and data continue to mount, hospital CIOs and IT admins are looking to centralize image archives to make them more manageable and cost-efficient.
"It's like trying to herd cats to do integrated PACS archiving," said Michael Passe, storage architect at Beth Israel Deaconess Medical Center (BIDMC) in Boston. However, "the storage platform is managed by IT and, long term, we'd like to offer it as a service where we control the budget instead of 20 different people doing different projects," he said.
Michael Biedermann, systems analyst at University of New Mexico Hospital in Albuquerque, said PACS vendor Royal Philips Electronics of the Netherlands is hosting archival data for the hospital's main radiology system, which takes some of the burden of data growth off IT's hands. "It's mostly the smaller systems that we're still running in-house that we're trying to get a handle on," Biedermann said. "When they were originally presented to us, IT was never given a real roadmap of how this was all going to work. When it all started, we had no clue what to try to prepare for. Now we're trying to kind of fix this all on the fly. That's why this universal vendor-neutral archive, if it truly existed, would be a godsend."
Other hospitals are also contending with facility and staffing limitations that make managing multiple, growing islands of storage all but impossible. "We're a small shop. We have two people that are network folks and do data center and storage, and kind of wear all the hats," said Marty Botticelli, CIO at Boston-based New England Baptist Hospital (NEBH). Massachusetts requires X-ray images to be retained for 30 years.
The goal: Vendor-neutral archives
Michael J. Cannavo, president of Image Management Consultants, a Winter Springs, Fla.--based PACS consulting firm, has coined the terms "vendor-neutral archive" (VNA) and "vendor enterprise archive" (VEA) to describe the vision of centralized archives for image data, as well as centralized archives that blend not only multiple imaging formats but other types of electronic medical record data in an integrated repository.
"A VNA is a standards-based archive that works independent of the PACS provider and stores all data in non-proprietary interchange formats," Cannavo said. A true VNA, he argues, would provide "context management" (metadata) that allows information to be transferred seamlessly among disparate PACS operations through the Digital Imaging and Communications in Medicine (DICOM) and Health Level 7 (HL7) standards, without requiring data migration and reformatting. Such an archive would cut down on the expense and time required to migrate data as technology advances, improve disaster recovery (DR) and business continuity (BC), and provide a centralized "one-stop shop" for patient data readily accessible by physicians.
"You don't want to have to migrate the entire repositories or have to have multiple architectures with support and service contracts," Cannavo said. "A ton of education needs to go on about using centralized archives."
Standards aren't the only issue
One of the main obstacles to achieving VNA and VEA utopia is that the DICOM standard is applied differently by different vendors. "DICOM is not a standard about what to communicate; [it says] 'If you communicate, here's what to do,'" said Michael Valante, global business lead for enterprise imaging informatics at Philips Healthcare. "The number of [metadata] elements mandatory in DICOM is not equal to the amount of metadata that actually needs to be communicated. Different modalities within the same organization may deliver different data elements with different exams."
Healthcare IT managers say there are a multitude of other logistical hurdles to clear as well, including data center space, budgetary restrictions, internal politics, and the difficulty of performing data migrations and forklift upgrades.
NEBH's Botticelli said space is at a premium in his facility, located in one of the more expensive cities for real estate in the country. "Our facility is over 100 years old and there are not a lot of places for us to just continue to put on-site spinning disk," he said.
Internal budget negotiations and territorial politics that have grown up around disparate systems can also be a barrier to centralization. According to BIDMC's Passe, his organization is rolling out EMC Corp.'s Atmos system as a centralized, scalable archive for images. There are two 120 TB "cubes" installed and storing cardiovascular diagnostic data among multiple modalities in the cardiac space, and BIDMC may add another cube for radiology, currently approximately 100 TB stored on an EMC Centera. But Passe said different departments might compete for budget and revenue within hospitals, and sometimes don't want to share systems with other departments or are hesitant to cede control to IT.
"We had a green-field opportunity with cardiology. They don't have 100 TB worth of images," Passe said. "We've been waiting to kind of pull [radiology] into the fold but we needed some kind of track record . . . having IT manage the long-term stuff. We're still working through some of this stuff with radiology."
Even when everyone is on board, budget issues can thwart efforts. "This, to me, is something we want to do and we have to do, but when I think of everything else on the plate, I can see this being a much lower priority," said Brad Blake, director of infrastructure and engineering at Boston Medical Center (BMC). "This is all stuff that we all want to do, but I just can't fathom it being a priority or something that's going to get what little budget money is available in the coming year."
The difficulty of migrating data can also impede centralization efforts, according to Image Management Consultants' Cannavo, who predicts it will take years to see widespread progress on such projects. "Data migration is not cheap, not fast and you have to plan before you can use it," he said. "As it stands, virtually everyone out there has to migrate from one format to another."
Some resistance from PACS vendors
Users also say PACS vendors can stand in the way of merging archives. "If you look at PACS systems in general there's not a lot of standardization across a lot of these solutions. Each solution is vendor specific, and they package [hardware with it] so it's a whole solution when they sell it," said Irwin Teodoro, director of systems integration at Laurus Technologies Inc., a VAR with consulting and sales practices dedicated to healthcare IT.
NEBH's Botticelli said he's looking to use Iron Mountain Inc.'s Digital Records Center for Medical Images (DRCMI) to get around his data center space problem, but has run into resistance from his PACS vendors. "It's not like we're the first ones in the country to do this, but when we brought this solution to the table there was just a lot of resistance: 'How are you going to migrate the data?' and 'We need to sign off on it,'" he said. "It's taken us a long time -- a good six months -- to really utilize the technology that we feel would provide us a vendor-neutral solution for medical imaging."
Other users have encountered similar resistance, but not just because PACS vendors are trying to protect their own bottom lines. "PACS vendors are not open to remote hosted or centralized [storage] unless it's theirs. [But] it's really driven by the performance guarantees that health systems are requiring from the vendors," said Steven Roth, vice president and CIO at PinnacleHealth System, Harrisburg, Pa.
PinnacleHealth has much of its PACS data archived offsite by Philips, which also assumes the risk for uptime and performance, Roth said. "In our example, we had . . . an agreement with Philips where they are at risk for delivering [fast] response times with five-nines reliability, and they basically have said, 'We will not take the risk at that level of performance unless we can manage and control the environment,'" Roth said.
But others in healthcare IT argue that providing performance and availability is what IT departments are in the business of doing. "It's not up to the vendor to put you in a compliant mode. It's up to us," said Jim Touchstone, senior systems engineer at Mississippi Baptist Health Systems (MBHS) in Jackson. The hospital worked with its vendors to put together its own integrated data center stack. The infrastructure includes a primary IBM DS8300 SAN storage system shared among modalities and an IBM N5200 array for disk-based near-line archiving.
"This 8000 array . . . we've had it on our floor for four years and, knock on wood, never had one minute of downtime with it," Touchstone said. "We've had the N5200 for four years, and we've failed over before because we had a drive go out, but we never had any downtime. Our network is fully redundant; there are answers for the availability problem."
"As an industry we're not at odds with or opposing . . . what our users want to do," said Philips Healthcare's Valante. In addition to the Health Insurance Portability and Accountability Act (HIPAA), the American Recovery and Reinvestment Act (ARRA) and state requirements for retention of records, devices hosting PACS information are regulated by the Food and Drug Administration (FDA). Compliance with those regulations is also a risk PACS vendors assume for customers, Valante argues. "Once you start opening those doors, you're accountable to FDA filing," he said. "We do a lot of exhaustive validation and testing."
Some hospitals undaunted
"They must all go to the same school because I heard that same thing about it being a certified, FDA approved, blah blah blah. When push came to shove, I didn't listen and [my PACS vendor] supported it," said Michael Knocke, CIO at Kansas Spine Hospital in Wichita. The hospital has approximately 6 TB of capacity on primary, local secondary and remote secondary Compellent Technologies Inc. SANs, and runs PACS applications from a single vendor across the board. (Knocke declined to identify the vendor.)
Knocke acknowledges he had some advantages that larger facilities don't have, including a smaller data set and a single PACS vendor for all modalities. "But that didn't make it easy," he said. "At the time that I moved my images from where they were being stored originally to a Compellent SAN, the [PACS system] OEM vendor was not happy. They basically said, 'No you can't do that' and I said 'Well, I'm going to do it' and they begrudgingly continued to support me even though there were threats."
Micha Ronen, PACS administrator at Phoenix-based Sun Health Corp., which was acquired by Banner Health in 2008, is in the process of merging his NetApp Inc.-based PACS archiving systems into Banner Health's Bycast grid (Bycast Inc. was acquired by NetApp in 2010). "One of the beauties of Bycast is that for us, migration is not an issue," Ronen said, because it can layer over heterogeneous storage repositories without requiring data to be moved. At least, that's how Bycast has worked historically; NetApp has since said it will not support third-party storage systems going forward under its Bycast-based StorageGRID software unless they're fronted by its V-Series gateway and made to look like NetApp storage.
Ronen is unconcerned with this change. "For us, I don't foresee any problem. They would definitely like to get a bigger share of the storage we have and so will have to accommodate our environment."
Archive alternative: Cloud storage
While some users forge ahead with internal centralization efforts, other healthcare IT managers are eyeing private or public cloud storage as a solution to data growth and manageability in the face of obstacles to centralization.
"In Massachusetts, the retention for medical records was 30 years, seven years for images and office records, and now [there's talk] they're going to change that regulation to 15 years, but that's still 15 years of storage," said NEBH's Botticelli. "That's huge. For us, we just don't have buildings and data center space to put up the spinning disk. It's a challenge."
BIDMC's Passe is sticking with the internal private cloud route for now using Atmos. "Atmos support for multi-tenancy gives the ability to securely wall off one department's data from another and show them what their usage is," he said. "The internal cloud is like dipping a toe in the water. When we first looked at it, it seemed like the right thing; it's just that everybody's terrified of the security model and the SLA model when you start to go into the 'real [public] cloud.'
"I can see [external public clouds] being useful if you're spinning off organizations, or if you're bringing in new external organizations, or if you have to bring in data from external organizations that you're being paid on a contract basis to read," Passe continued. "When [PACS vendors] make the leap and start to look at REST in earnest, it's huge . . . Web 2.0 includes the metadata with the object, so imagine not having to have the databases . . . that eliminates one more piece of the puzzle or at least makes it redundant so if the database crashes, you can rebuild it from the objects themselves."
"In theory, vendor neutrality would eliminate a lot of costs in the environment," Laurus Technologies' Teodoro said. "I just don't know the feasibility of [centralization]. I think healthcare organizations will look at the cloud first."
BIO: Beth Pariseau is a former senior news writer for TechTarget's Storage Media Group; she is now assigned to TechTarget's Data Center Media Group.
- Impact of General Data Protection Regulation on Storage Systems –IBM
- The EU General Data Protection Regulation –Oracle Cloud
- Implementing General Data Protection Regulation in SAP Environments –Attunity
- Preparing for the General Data Protection Regulation –Fortinet, Inc.