Sentara Health saves $5.8M annually via migration to cloud
Photo: Sentara Health
Sentara Health is a not-for-profit health system, one of the largest in the Mid-Atlantic and Southeast and among the top 20 largest in the country, with 30,000 employees, 12 hospitals in Virginia and Northeastern North Carolina, and the Sentara Health Plans division, which serves more than 1.2 million members in Virginia and Florida.
THE PROBLEM
Sentara has embarked on a cloud computing journey to enhance operational efficiency, improve patient care and strengthen data security. Through strategic work with vendors and innovative initiatives, Sentara has leveraged cloud technologies to transform its IT infrastructure with the aim of delivering improved patient outcomes.
In 2018, Sentara launched its digital front door initiative to enhance patient experience and improve access to healthcare services through technology and innovation.
"The digital front door includes various components to make healthcare more convenient and accessible for patients," said Tim Skeen, executive vice president and CIO at Sentara Health. "One key element was implementing a mobile app that allows patients to schedule appointments, access medical records and communicate with healthcare providers.
"This app provides a seamless and personalized patient experience, eliminating the need for phone calls or in-person visits for routine tasks," he added.
To strategically move Sentara to the path of a digital front door, staff recognized the need to securely architect, deploy and manage applications, services and assets in the cloud, he said.
"As we looked at rolling out the digital front door, we also recognized the need for a consumer-facing app in the cloud, our enterprise data platform, EHR, CRM, claims platform, and many other strategic and business-focused applications," Skeen recalled.
"As businesses increasingly migrate to cloud-based environments, ensuring the security of sensitive data and applications becomes paramount," he continued. "Cloud computing has revolutionized how businesses operate but has also introduced new security challenges."
PROPOSAL
Skeen said first up was understanding the cloud security framework.
"The cloud security framework offers a comprehensive approach to safeguarding cloud infrastructures, leveraging advanced technologies and implementing industry best practices," he explained. "This technology provides a solid foundation for the cloud security framework, enabling organizations to protect sensitive data and ensure the integrity of their cloud-based operations."
"By defining cloud infrastructure through code, we could standardize and automate the deployment of their security framework across multiple cloud environments."
Tim Skeen, Sentara Health
Key components of the framework, Skeen outlined, include:
- Secure data processing. The patent encompasses advanced techniques for secure data processing in the cloud. It includes encryption algorithms, secure data transmission protocols, and robust access controls to safeguard data at every stage, from storage to processing.
- Anomaly detection and threat monitoring. The patent incorporates sophisticated anomaly detection mechanisms to identify and mitigate potential security threats. This technology can detect abnormal activities indicative of a security breach by analyzing network traffic patterns, user behavior and system logs.
- Secure data storage. The patent's data storage capabilities ensure that sensitive information remains protected at rest. It employs encryption methods to encrypt data before storing it, rendering it unreadable to unauthorized users. Additionally, the patent includes mechanisms for secure key management, ensuring secure access to encrypted data.
- Scalability and performance optimization. The patent emphasizes scalability and performance optimization to cater to the dynamic needs of cloud-based environments. It enables organizations to scale their cloud infrastructure seamlessly, ensuring that security measures remain robust despite increasing data volumes and processing demands.
- Data encryption and privacy. The framework employs encryption techniques to protect sensitive data at rest and in transit. Encryption ensures that even if data is compromised, it remains unreadable to unauthorized individuals. Additionally, the framework emphasizes privacy controls, ensuring compliance with privacy laws and regulations.
MEETING THE CHALLENGE
Skeen said there are many benefits of the cloud security framework, including:
- Enhanced security posture. By adopting this framework, organizations can significantly improve their security posture in cloud environments. The comprehensive approach covers various facets of security, ensuring that vulnerabilities are addressed holistically.
- Regulatory compliance. Organizations operating in highly regulated industries like healthcare can leverage this framework to establish and maintain compliance with industry-specific regulations. The risk assessment and compliance management components help organizations identify and rectify compliance gaps.
- Scalability and flexibility. The framework is designed to scale with the evolving needs of organizations. It can adapt to different cloud environments, including private, public and hybrid clouds, making it suitable for various business requirements.
- Cost-effective security. Organizations can streamline their security operations by adopting a unified security framework, reducing the need for multiple disparate solutions. This consolidation leads to cost savings while ensuring comprehensive protection against cyber threats.
"The automated deployment of cloud security framework technologies were used to streamline and enhance the process," Skeen explained. "Optafi, a cloud security vendor, recognized the need for an automated approach to deploying their security framework to protect cloud environments efficiently. By implementing automation tools and methodologies, we were able to simplify and accelerate the deployment process while ensuring the highest level of security.
"One key aspect of the automation strategy was the use of infrastructure as code (IaC) principles," he continued. "By defining cloud infrastructure through code, we could standardize and automate the deployment of their security framework across multiple cloud environments."
This eliminates the need for manual configuration and reduces the risk of human error, resulting in a more secure and consistent deployment, he added.
"Moreover, we leveraged continuous integration and continuous deployment (CI/CD) pipelines to automate the entire deployment lifecycle," he noted. "CI/CD pipelines facilitate the seamless integration of code changes, automated testing, and deployment of the security framework. This allows for faster iterations and ensures that the latest security enhancements are promptly deployed in the cloud environment.
"Intelligent orchestration and configuration management tools were employed to enhance the cloud security framework's automation further," he continued. "These tools enable us to manage and automate the configuration of security controls centrally, ensuring that all cloud instances are adequately secured and compliant with industry standards."
Additionally, automated monitoring and alerting systems were implemented to proactively detect and respond to any security incidents or vulnerabilities, he said.
RESULTS
Skeen reported some key success metrics of the cloud program:
- Sentara's cloud migration journey began in July 2018.
- Almost 80% of all applications now are in the cloud.
- Sentara is realizing a $5.8 million annual (approximately 30%) decrease in data center cost from the baseline.
- The reduction in operating expenses comes from reductions in labor costs, software maintenance, data center equipment and maintenance, and utilities.
- Sentara's migration to the cloud changed the recovery posture from 10-12 days at 20% capacity and 30 days for full recovery to 4 to 12 hours for complete recovery of mission-critical applications at a 28% cost reduction of running on premise.
Follow Bill's HIT coverage on LinkedIn: Bill Siwicki
Email him: bsiwicki@himss.org
Healthcare IT News is a HIMSS Media publication.