Better Health: Smart Health Commentary Better Health (TM): smart health commentary

Article Comments (4)

Why Cloud Computing Can Be Dangerous In Healthcare

*Editor’s note: Dave would like readers to check out the comments section in the original post for his full views.*

A lot of people are intrigued with using “cloud” applications and storage for personal health data. This week we’re seeing what I think is the final nail in the coffin of “cloud only” for anything important. You gotta have offline backups: two huge cloud vendors – Amazon and now Google – have demonstrated that even they can go down, leaving their users absolutely powerless.

Cloud applications diagram from Wikipedia

Cloud computing (Wikipedia) is hugely attractive to software developers and businesses. As shown in this diagram from Wikipedia, the idea is that you do your computing using storage or tools that are on some computer somewhere out there “in the cloud.” You don’t know or care where, because somebody out there takes care of things. As your business or database grows, “they” take care of it.

And it’s real – it works.

But when “they” screw up, you could be screwed.

Last month Amazon Web Services went down for a couple of days. PC Magazine posted a good summary, and many of us learned that well known companies like Hootsuite and Foursquare don’t actually own the computers that deliver their product: they rent services from Amazon Web Services (AWS). So when AWS went down, there was nothing they could do to help their customers.

Now the same problem has happened with Google’s (“blogspot”) blogs. For at least 48 hours the back end of their blogging system has been dead. For instance you can read my old blog (, but when I try to log in to create a new post, here’s what I get:

Blogger Is Down screen shotZDNet reports that all posts and comments added since the problem started have “been removed,” a euphemism for “lost forever.” ZDNet asks, what keeps this from happening to other cloud products, like Google Docs? (What if you’d stored your business documents in Google Docs? What if your last two days of Gmail were lost?)

What’s the relevance of this to patient engagement? Well, a lot of people talk about cloud-based personal health records (PHR), and cloud-based medical tools. Here’s the lesson: For anything you can’t afford to be without, you gotta have non-cloud backups.

  • You gotta have offline data backups.
    • My personal website is built using WordPress; every day they email me a backup file of my complete database. I can’t lose more than a day’s work. It’s vital, it’s obviously not complicated software, and it’s free.
    • At my old day job, I used to manage a pretty big cloud-based database for our sales and marketing needs: Every week they emailed us a link to download a zip file of our entire database, plus a daily update.
  • For any “can’t afford to be down” situation, you gotta have ironclad availability.
    • Here at, we don’t rely on the cloud. Our WordPress blog is hosted on the highly reliable servers of one of our board members.
    • has a  huge number of redundant server farms, and they’re totally transparent about outages and even degradation. To earn the trust of the corporate world, they published It displays the uptime, performance degradation and outages of every system around the world. Click on any symbol and see the root cause, how it happened, and what they did about it. (And you can subscribe to any RSS feed for all updates! Hey Google and Amazon, you gonna offer that?)

People I talk to tend not to “get” this unless it’s expressed as their kids’ medical record. A couple of years ago I spotted this message on the Google Health user forums:

Help – leaving for hospital – data won’t print.

I do believe in the cloud – it makes sense for many situations. It makes innovation far faster and less risky. But for anything important – which health is – you gotta have offline backups and you gotta be sure you won’t go down.

Of course, there’s an ultimate trap for anything online: if the internet goes down, the whole cloud goes down. That happens sometimes, and it could very well happen if an enemy hacked the Web. For anything mission-critical you have to consider whether you could afford to be offline for hours or days, and think out what you’d do meanwhile. (Same for power outages, which is why hospitals etc. have backup generators.)

All  this has been debated for years in the IT community, but once again the health IT world seems to be naive. As we consumer/patients (and health workers) start to acquire IT tools, we must insist that tools we rely on have sufficient reliability – even in a disaster.

*This blog post was originally published at*

You may also like these posts

    None Found

Read comments »

4 Responses to “Why Cloud Computing Can Be Dangerous In Healthcare”

  1. Ben says:

    I think that the basic advice here “You have to have an offline backup” is pretty reasonable, but this article seems to be implying that the cloud is somehow riskier than locally run systems. This is nonsense. Major operations (google, amazon, rackspace,etc) have systems that are radically more stable and redundant than almost any other business is capable of operating. Yes, it is possible for these cloud systems to go down, but when you compare the number and severity of the outages major cloud systems have to the statistics for self-hosted servers or (even worse) storage of data/software on users’ local machines, you are MUCH better off with cloud servers and services. It’s like looking at a plane crash (chance of death: .02 per billion passenger km) and saying “See, I told you people should drive” (chance of death 2.8 per billion passenger km).

    Not only do outages occur less frequently on cloud-hosted applications but when they do the backups tend to be more recent than local admins usually schedule and the restoration is generally faster… all while not costing you a additional penny (restoring data from failed desktops and servers can be very expensive). And while pulling your data from the cloud does remove your dependence on one group of operators (the cloud host), it dramatically increases your reliance on another group of operators: your sysadmin or local computer repair shop… and this second group tends to be much less reliable or qualified as the cloud techs. Paper might be a hedge, but I doubt you’re considering this a viable option for most systems – printed wordpress databases won’t help much 🙂

    Also, seeing “Help – leaving for hospital – data won’t print.” and ascribing this to a failure on the cloud is ridiculous. In all my years of work I have heard the phrase “Data won’t print” on an almost weekly basis, and the problem ALWAYS falls into one of three categories: (a) user error/ignorance; (b) problems with the local printer or network; or (c) encoding/font problems on the local machine. It’s not Google’s problem that she didn’t know how to print from her browser or install a print driver… this has nothing to do with the cloud… she would likely have had the same problem with locally-stored data.

    I totally agree that we should try to have as much redundancy as possible for critical systems or data, but when I look at the stability and up-times of my cloud-apps clients vs my self-hosted/self-managed clients I just cannot stress enough that for most situations you are better off in the cloud.

  2. e-Patient Dave says:

    Hi Ben! Did you have a chance to read the original comments, per Val’s editor’s note? We got into the concerns you voice.

    I don’t know what I did that made people think I was expressing a preference for one thing or another. The title on my original said, explicitly, “‘Cloud only’ is dead for health.”

    AND, having said that, the comment stream over there made clear that in-house EMRs are widely felt to have horrible reliability. I guess I was naive on that. But still, I didn’t say a thing in the post about cloud being better or worse than anything else.

    Re the printing anecdote – funny, to me the real cure for that (someday) is for the frickin hospital to be able to view the data in the cloud! Today I’m told many hospitals’s browsers are so locked-down that’s not possible. Anyway, in this case, while I agree about the causes of printing problems, I still see the anecdote as a lesson: consumers shouldn’t expect to just put everything in the cloud and presume it’s all taken care of. Right wrong or otherwise, that’s a widely held impression. (For instance, putting the data there, then assuming he could take it with him, didn’t work out well.)

    Maybe my post needed a statement of problem at the top, e.g. “I love the potential of the cloud. I use it for many parts of my business, and for healthcare it holds the promise of universal and shared access to whatever data we put in it. But cloud data and cloud apps are no cure-all: they’re only tools, and we who want to use the cloud need to think out the bigger picture.”

  3. Ben says:

    Thanks for the reply… you have quite a discussion going on the original post 🙂 – I hadn’t seen that at first.

    I think that at least some of the reaction is based on the fact that resistance to cloud computing is a sore point among many IT or operations managers (myself included) because getting clients to shift to more cloud-based services has been such a hard sell despite its stellar record and cost benefits. Clients often do the same exercise: come up with weaknesses in the cloud and then compare it to a mythical “perfect system”.

    Anyway, the point is still well-taken: redundancy and disaster-preparedness are key, and the Cloud doesn’t solve stability and accessibility problems – it just improves them. An excellent setup for cloud services involves using two cloud hosts: a large powerful cloud server/CDN with one host and then a small, cheap backup clone hosted with a second organization whose only job is cloning the data saved on the primary machine. In the event of an outage the secondary machine can be expanded within a few minutes to serve as the primary machine (one of the other advantages of the cloud computing). And of course a periodic backup to a local machine in the event of a nuclear war.

    Also, on that disaster-preparedness front, it’s important that backup drills be run for any critical data. It’s sad, but it’s not uncommon for a backup-system to be misconfigured or otherwise produce bad-copies, and because no one had ever tried to recover from a backup you only learn when it’s too late that your backups are no-good. Furthermore, a lot of groups seem to have a backup plan, but no recovery plan, so when they go down they have their data but they don’t know how to put this data back into a working system. Finding someone with the knowledge and permissions to restore data should be something you do before a failure.

    Anyway, thanks again for the response, and I appreciate the discussion.

  4. e-Patient Dave says:

    Hey Ben,

    I guess there’s a second big surprise to me in this (aside from the non-surprises). The first is that the big-iron systems are apparently so unreliable.

    But the second is that THESE conspicuous cloud outages were multi-day! The longest I ever saw be unavailable, in my 2 years as an admin, was for a few hours. But both Blogspot and Amazon were down for days – totally, not just one instance.

    Do you have any insights into that?

Return to article »

Latest Interviews

IDEA Labs: Medical Students Take The Lead In Healthcare Innovation

It’s no secret that doctors are disappointed with the way that the U.S. healthcare system is evolving. Most feel helpless about improving their work conditions or solving technical problems in patient care. Fortunately one young medical student was undeterred by the mountain of disappointment carried by his senior clinician mentors…

Read more »

How To Be A Successful Patient: Young Doctors Offer Some Advice

I am proud to be a part of the American Resident Project an initiative that promotes the writing of medical students residents and new physicians as they explore ideas for transforming American health care delivery. I recently had the opportunity to interview three of the writing fellows about how to…

Read more »

See all interviews »

Latest Cartoon

See all cartoons »

Latest Book Reviews

Book Review: Is Empathy Learned By Faking It Till It’s Real?

I m often asked to do book reviews on my blog and I rarely agree to them. This is because it takes me a long time to read a book and then if I don t enjoy it I figure the author would rather me remain silent than publish my…

Read more »

The Spirit Of The Place: Samuel Shem’s New Book May Depress You

When I was in medical school I read Samuel Shem s House Of God as a right of passage. At the time I found it to be a cynical yet eerily accurate portrayal of the underbelly of academic medicine. I gained comfort from its gallows humor and it made me…

Read more »

Eat To Save Your Life: Another Half-True Diet Book

I am hesitant to review diet books because they are so often a tangled mess of fact and fiction. Teasing out their truth from falsehood is about as exhausting as delousing a long-haired elementary school student. However after being approached by the authors’ PR agency with the promise of a…

Read more »

See all book reviews »