Medicine 4.0 underpinned by validated cloud services

The digital revolution can only succeed with the right IT tools. The cloud offers hospitals, pharmacies and patients numerous possibilities for more efficient crosslinking and processes.

The GPs and hospitals of the future are digital. Blood tests will be sent to the attending doctor over the cloud. Patients will monitor vital functions via their smartphones. When any questions arise, the answer will not be found in the filing cabinet, but in digital health files with 24-hour online access. These advantages for the health care sector are balanced by the significant challenges it must face along its route to digitisation, particularly when it comes to data protection.

Digitisation is still lagging behind

Only one in four German hospitals currently has a strategy for digitisation, according to a “Digitisation in the health care economy 2016” survey commissioned by Rochus Mummert Healthcare Consulting. Many hospitals are in need of an upgrade before they can offer their patients the best medical services. The focal point for medicine 4.0 is the patient and patient needs. Stringent legal requirements dictate that software products can only be installed if they meet the highest standards for security and transparency.

The challenge: to harmonise patient needs with data security

What do the patients actually want? They want to be able to administrate their personal digital electronic file in such a way that it is possible – at any time – to create a digital interest group with the relevant medical experts. Everyone has access to the necessary information so that health problems can be actively avoided or acute conditions treated. One example: the x-rays of the future will not be printed or supplied on a CD, they will simply be saved into the online work-space associated with the particular patient. The challenge: personal and sensitive data such as health-related files must not be freely passed on. The requirements are primarily regulated by standards such as the EU GxP Annex 11 Guideline or the EU data protection regulation, with a new version coming into force in May 2018 (EU general data protection regulation).

“Digital Healthcare” business

Various organisations and businesses in the health care sector are working furiously on projects to promote digital transformation. According to Roland Berger consultants, the digital healthcare market is set to grow from its current value of 80 billion USD to over 200 billion USD by 2020. Consequently, there is a risk that digital service providers who are developing bespoke services will overtake established medical providers whose thinking is not sufficiently “digital”. These digital service providers, however, often lack understanding of the complex and sensitive issues related to handling personal medical data, especially as more and more information is being gathered. Not just smartphones, but all kinds of electronic devices are being developed: e.g. sphygmomanometers which can send blood pressure data to the cloud or cooperate with service providers such as pharmacies. In the future, this is the kind of data that will be increasingly used as a basis for evaluating medical services or for assessing accident insurance and life insurance. It is imperative that the data is properly protected.

Secure, validated cloud services urgently required

Reliable cloud solutions can help to keep the focus on the patient's needs while implementing innovative new services. The new EU general data protection regulation stipulates firstly that personal data may not be stored permanently, and secondly that transparent information must be provided concerning who is processing it and how. In order to meet requirements of this kind, cloud providers are encouraged to operate data centres in their own country. Thus, a local contract can be drawn up according to national law, and transparent contracts will exist regarding data processing with potential third party services. A digital service implemented in this environment must be validated as compliant with EU GxP Annex 11. This guideline largely follows the American standard FDA 21 CFR Part 11. A cloud solution which has already been validated according to the latter standard and which can be configured by the health provider can be useful in order to rapidly build up innovative, secure medicine 4.0 services. Ideally, cloud solutions should be used which have been awarded five stars in the EuroCloud StarAudit; the Fabasoft Cloud is one such solution. This certificate is a benchmark of the quality of the cloud provider, particularly its data protection services, process transparency and data security. Reliable, validated cloud services are foundations upon which medicine 4.0 can progress, so that the security of personal data is ensured and patients as well as all health service providers can benefit.