The recent projection for a rise in medical cost is driving health care providers towards using cloud computing. This is gathering momentum, and e-health has been projected to be the next big step for cloud computing. This shift from the tradition setting where health care providers used to own and manage their IT resources to a whole sale outsourcing of such services is being driven by the perceived advantages of moving to the cloud. In Germany for instance, some estimate that over a period of five years, cloud computing could generate over €200 billion in economic benefits, and 800,000 jobs. Others believe that moving IT resources to the cloud could save an organisation about a third of its IT budget. However, some skeptics argue that despite these enticing statistics, it is not yet ripe to move certain sensitive or critical applications to the cloud. This is because of the volatile nature of the infrastructure and attendant risks in such innovative technology. Both from legal and ethical perspective, privacy and data security of such deployed data cannot be guaranteed. E-health applications are included in such critical applications, ranging from electronic health records to those that monitor vital signs in real time.
One argument that readily comes up in these debates is that despite the advantages of such computing outsourcing, there are obvious risks that health care providers will lose the control of sensitive personal data involved in their relationship with patients. In the traditional environment, the ability to layer stronger authentication, access control and auditing capabilities exists as a result of the defined network layers. By contrast, public clouds lack this clearly defined network layers, and present heightened opportunities for breaches of protected health information because of the nature of the infrastructure itself. Not only are cloud resources dynamically provisioned, data can be stored in any part of the world including states without adequate level of personal data protection. Thus, guaranteeing data security and integrity control in the cloud may pose some obstacles.
Apart from privacy and jurisdictional issues, other management, technical and security challenges militate against a whole sale deployment of e-health applications in the cloud. The recent closure of Google Health, a cloud application service that gave people access to store their personal health information further brings an insight into the risk of adopting public cloud services for sensitive data processing. What happens if the provider goes out of business? How would users of this Google services be sure that their data have been erased when it finally goes offline? How would cloud users circumvent the barriers in data, application and service interoperability if they want to move to another cloud or return to the traditional model? Or are they simply locked-in?
Sensitive health-related data in most cases hold the key to life and death and should be accorded fine grained protection at all stages of their processing. Where such data are compromised, they may cause irreparable loses to the data subjects such as employment and insurance opportunities. From an ethical point of view, it is not clear whether patients are fully aware of the risks involved in processing their health data in the cloud, and have given informed consent for such processing. Involving non-health care practitioners in the process of health care services through the outsourcing of support technologies also raises an ethical question as to whether mere convenience justifies the heighten risk of breach of confidentiality in the fiduciary relationship between the health care providers and their patients. The International Working Group on Data Protection in Telecommunications has maintained that: “The special sensitivity of health information has to be kept in mind when considering the online availability of electronic health records. Under the Hippocratic Oath, doctors have always had to treat patients’ information confidentially. To care for the health and the life of the patient has never been a licence to disclose such information to third parties who are not participating in the treatment of the individual patient.”