Cloud Migration Prescriptions for Healthcare

Cloud computing, technology connectivity concept

By Yuval Shchory

When designing your cloud computing strategy, it’s important to understand that no two healthcare systems are alike, even when in a large network. There are varying areas of expertise, team structures, responsibilities, functions, and so on.

In healthcare, the majority of organizations are driven to the cloud from either “push factors,” such as critical infrastructure products, or “pull factors,” such as lack of CapEx available for investment in physical servers. During this cloud migration process, part of  or all of an organization’s data, applications, and workloads will move to a cloud infrastructure, and it is important to adhere to high-level cloud migration strategies in order to help you choose the most appropriate approach.


Identify Your Goals

Laying out your goals and areas to address through your cloud migration strategy can help ensure your business and technology strategies are aligned; such as, are you trying to cut costs, are you struggling to attract and retain skilled staff, do you have compliance requirements that need to be met when moving to the cloud?

These factors are critical for determining what your cloud migration strategy should look like.

When selecting a vendor, the size of your healthcare organization and IT deployments matters. For smaller organizations with a homogenous set of workload requirements, a single-vendor cloud strategy might be most appropriate. For much larger organizations, such as large healthcare networks with diverse workloads and varying levels of technical requirements, a multi-cloud strategy would be a better option, as that would give each project team the flexibility to choose the vendor that best fits their requirements. Regardless of organizational size there are specific internal and external compliance requirements to fulfill, and these may require the ability to move workloads between cloud vendors at relatively short notice.

Source: 2022 Cloud Security Report, Cyber Insiders

Realistically, there will be a hybrid strategy where both a traditional data center and cloud vendors are involved, especially if the cloud migration occurs across a number of years. This strategy may also be relevant if there is a need to evolve your cloud migration tactics more dynamically as you learn more about the implementation of cloud technologies within your business.

The Six Rs in Your Cloud Migration Strategy

The next step is deciding how to go about migrating your workloads to the cloud. This is where the six Rs come into scope: rehost, replatform, repurchase, replatform/ rearchitect, retire, and retrain.

Once you audit your existing applications, you will have a better understanding of the nature of work required to move to the cloud, and can classify the applications you want to move to the cloud. 

  • Rehost. “Lift and Shift” is the simplest strategy for rehosting your applications and involves moving them from physical servers to virtual servers running in the cloud. This generally requires no code changes and limited changes to processes and surrounding technologies. This enables you to develop the cloud skills and experience needed for other cloud-native practices.
  • Replatform “Lift, Tinker and Shift” is similar to rehosting, but also integrates a number of fundamental cloud services at the application level. For example, AWS IAM (Identity and Access Management) might be integrated into your application to replace or complement more traditional data center-oriented IAM systems.
  • Repurchase “Drop and Shop”involves replacing an existing on-premises application with a licensed cloud-based service. This may involve changing the licensing model your business uses, lowering the cost of maintenance, and potentially allowing a quicker and easier path to upgrades. 
  • Refactor/Rearchitect This is a cloud-native approach–taking your existing codebases and modifying or extending them to work within more modern cloud services. Containerization of your healthcare applications code is an excellent example. This may involve substantial rewrites to your existing codebase to enable it to function and to increase scalability; a complete rewrite may even be required in order to use truly cloud-native tools. 
  • Retire Your workload audit may uncover systems that are either redundant or no longer worth maintaining. These applications can be retired.
  • Retain This strategy involves keeping your application running and choosing not to migrate it to the cloud for the foreseeable future. There a number of possible reasons to retain your application outside the cloud, including:
  • Regulatory constraints on where applications can run or high internal compliance demands on security;
  • Mission-criticality of software that can make planning a move to cloud technologies earlier in the migration cycle too risky and uncertain;
  • No business case for the disruption; 
  • Legacy systems not supported in cloud environments.

Where to Begin

Next you need to plan how you will build your cloud infrastructure to support the movement of workloads. As a best practice, it is recommended to create a type of centralized “center of excellence” or cloud infrastructure team. This centralized team can choose to lay down the core systems on which other teams can run their workloads, and establish guardrails that can be implemented across the healthcare network.

Key design elements that should be prioritized over others.

  • Accounts- Using one account across your organization almost always fails to scale as there are often account limits, so it is important to establish account boundaries. Will the account be used to represent a particular business unit, an individual team, or a grouping of software services? How will this operate with your finance department? Who should receive the bill? It’s important to figure this out early on, as costs can rack up quickly.
  • IAM–  As your cloud infrastructure grows, you will need to consider the security implications of user access to the various cloud services and data. It is imperative to start this process early, as imposing IAM rules retrospectively on systems that are already running can be complicated.
  • Networking– Cloud migration involves either the virtualization of your existing network or a complete redesign. The VPC (AWS) or VNet (Azure) service allows you to set up an isolated network to run a separate set of services within your account. Careful consideration needs to be given to internetwork communication between your organization’s services and basic network resources such as IP addresses.
  • Data Migration– Migrating data to the cloud can prove challenging as it often includes Personally Identifiable Information (PII) or regulated data which has compliance stipulations. This is most problematic for large, complex healthcare infrastructures. The planning team needs to have a deep understanding of the implications prior to migrating data to the cloud to ensure compliance, but also to ensure there are no operational or performance implications.

Once you are clear on your high-level cloud strategy, developing a successful cloud migration strategy requires meticulous planning and consideration of every aspect of your business. Choosing the right cloud vendor strategy for you—be it a straightforward single-vendor migration, a multi-cloud vendor approach, or a hybrid strategy—is the next step. Finally, you’ll want to architect your cloud migration by first considering the key infrastructural components before beginning to onboard applications.

Author: Yuval Shchory Global Head of Cloud Security Product Management, Check Point Software Technologies

Yuval is the Global Head of Cloud Security at Check Point and has a long history of helping organizations find the delicate balance between solving customer problems, building a product strategy and growing the business. I am passionate about leading amazing product teams that build awesome products in the Enterprise IT, Cloud and Security spaces.

Healthcare Business Today is a leading online publication that covers the business of healthcare. Our stories are written from those who are entrenched in this field and helping to shape the future of this industry. Healthcare Business Today offers readers access to fresh developments in health, medicine, science, and technology as well as the latest in patient news, with an emphasis on how these developments affect our lives.