The benefits of vendor neutral archives in healthcare have been well rehearsed. But could combining this kind of storage with the growth of cloud yield even more advantages for the NHS? Maja Dragovic investigates.

In Moscow, more than 660 health facilities – primary care and hospitals alike – use the same health data platform. To a UK mind, used to immense fragmentation across IT systems, that is striking enough. But learn that the system’s records are stored in the cloud, and all data stored in a vendor neutral format, and the setup becomes even more mind-boggling.

“If you want to move forward, effective and sustainable architecture will require vendor neutral storage of data,” contends Tomaž Gornik, chief executive of Marand. It is this Slovenian company that supplies Moscow’s health facilities with Think!EHR, a cloud platform storing clinical data in a vendor-neutral openEHR format.

“All clinical data is stored centrally, independent of the applications, for the lifetime of a patient, and in a vendor-neutral format,” explains Gornik. “It will always be readily available through the platform to every app within the ecosystem.”

He speaks of the idea of separating content from technology, with structured data decoupled from applications. The openEHR platform stores four kinds of data in this vendor neutral format – observations, evaluations, orders and actions – meaning a leap on from the traditional view of VNAs, which tended to centre on imaging.

Another crucial benefit of the approach, contends Gornik, is that organisations can develop an ecosystem of apps from different vendors, quickly and according to their needs.

“Low-code tools are used to build new applications quickly while the platform ensures the data is shared between applications and managed properly. And even if an application is retired or replaced, the data stays to be reused.”

He speaks of a concept of a “Postmodern Electronic Health Record”, based on shrinking the core EHR and surrounding it with smaller, innovative, mostly cloud-based applications and apps.

It’s a grand vision that speaks both to the long-established value of the vendor neutral archive (VNA) – namely, an archive which can store and give access to data regardless of which program it was created in – but also to the possible benefits of moving such archives to the cloud.

Scalability in an age of data explosion

For Chris Scarisbrick, sales director at Sectra, one of the challenges of data storage in the modern healthcare setting is the sheer size and volume of it. “As you start to consolidate all of these environments and add in the pathology imaging, and cardiology imaging, suddenly you’ve got to provide several petabytes instead of several terabytes.”

But cloud, he suggests, makes it possible to more easily meet growing storage requirements, and its flexibility makes it easier for NHS trusts to plan budgeting, according to Igance Wautier, healthcare IT business development manager from Carestream.

“The trusts know the number of studies or images they have, so they know how much they are going to pay. They sign a contract for seven years, for example, and they know that they will pay a fixed amount for that time,” adds Wautier.

“If they don’t want to extend the contract, they get their data back for free.”

And Wautier echoes a point made by Gornik. “Medical records need to stay around for our lifetime so having it on cloud makes it easier to keep those records.”

Safety benefits too?

And could cloud-based VNAs offer security benefits as well? When Scarisbrick considers the factors behind the 2017 WannaCry attack – which is now estimated to have cost the NHS £92m and which affected a third of hospital trusts and 8% of GP practices – he concludes it could.

“More often than not, and WannaCry was not an exception, the vulnerabilities target unpatched systems because there are exploits that are available that are fixed by the patches. If those patches haven’t been applied, then those IT systems remain vulnerable,” he says.

“Cloud providers are very highly monitored, they have penetration tests, they need to be certified to a certain level in terms of conformance and that includes things like making sure that patches are always applied to the infrastructure when they are made available. Now, that’s like painting the Forth bridge – by the time you get to the end, you’ve got to start again.”

Wautier agrees, arguing that the presence of dedicated teams monitoring cybersecurity of cloud solutions mean it is a safer archiving solution.

And having providers store VNAs in the cloud could also provide organisations with 24/7 infrastructure support. Scarisbrick compares this to platforms like Facebook and Dropbox which never go down.

“These cloud specialists need to keep that infrastructure up and tracking for several critical customers at once. They’ve got redundancy, the backups and the support structure in place to ensure that any problems are dealt with swiftly within contractual SLAs [service level agreements]. That takes away that burden from the trust and pushes the responsibility for that backup regime to the cloud provider.”

With all the benefits, why aren’t NHS trusts embracing the possibility of moving VNAs to the cloud? Wautier thinks there is lack of incentive in the public sector, although says the private sector is taking advantage of cloud solutions. Another issue is that NHS organisations might feel like they are losing control.

“There’s an argument that says: ‘If I am in control of my own data and I am on my own network, I can pull the plug and suddenly I am invulnerable to the attack.’ That is a very credible argument,” says Scarisbrick.

For trusts in rural areas, there is also the issue of reliable and performant connectivity to cloud services, which Gornik says is a problem. And cloud-based platforms can still cost more than onsite storage. Providers, however, believe that by evaluating everything else, including the cost of risk and the resources that are required, trusts can make the VNA in the cloud work out.

“Things like WannaCry actually have helped to accelerate the conversation because trusts realise just how at risk they were and had a very real wake up call to the sort of consequences that emerge from this type of disaster,” says Scarisbrick.