5 Steps To Migrate Your Healthcare Data To The Cloud

The Cloud is here! Actually, we all know it’s been here for a while, but healthcare has been slow to make radical moves to Cloud adoption, preferring evolution over revolution. And with good cause – unlike other industries, healthcare needs to ensure that technology shifts, such as the move to Cloud, carry minimal risk for patients, finance, operations, and an organisation’s reputation.

However, we are now in an era where Cloud has proved itself to healthcare as a viable alternative or, at the very least, an augmentation to the on-premise technology landscape. Issues around security and privacy have largely been put to bed. The location and ownership of healthcare data was another hurdle that has since been overcome – we now have a buoyant open market for public and private Cloud providers for healthcare data offering a myriad of choices as to where and how healthcare data is located and managed. And funding models are changing – for example, in the NHS, there are infrastructure and application budgets available that Cloud initiatives can tap into, such as those for frontline digitisation, cybersecurity, and diagnostic capacity and improvements.

At BridgeHead, every customer conversation we now have features the inclusion of Cloud at some level. Why? Simply because there are many benefits healthcare organisations can realise by adopting Cloud. These include: cost effective Cloud storage; the quick and easy scaling up and down of IT resources (of almost any kind) ‘on demand’; state-of-the-art data protection and disaster recovery; the reduction or elimination of hardware replacement costs; and a minimisation or removal of the time, skills, and cost to maintain or upgrade on-premise infrastructures. Ultimately, there is strong evidence to show that although Cloud may not be ‘cheaper’ (certainly when you compare headline pricing), but it does deliver a lower total cost of ownership. When you consider cost, efficiencies (from the intelligent use of Cloud infrastructure and services), quality of service provision, the ability to pay-per-usage (resulting in reduced wastage), and more; the Cloud can be a very cost-effective solution. So, how can healthcare organisations capitalise on the Cloud?

Here are 5 steps that BridgeHead advises hospitals and other care facilities can take in order to successfully migrate healthcare data into the Cloud.

Step 1 – Profile Your Data

Not all healthcare data carries the same value. As a result, not all data should be treated and managed the same. Before we start looking to the Cloud, we should have an idea of what data we already have and an idea of its importance. This will help determine the costs that should be associated with its long-term storage and maintenance. We believe the best way to do this is to look at the containers of data across your healthcare ecosystem, i.e. data that lives in your patient, clinical, and operational applications. Let’s consider two common scenarios:

Applications In Production

Firstly, we need to understand which applications are currently generating new data. These production applications and their associated data are the most complex systems to move to the Cloud. This is because they are ‘in production’ (i.e. in use) and, as a result, you would have to migrate them to the Cloud ‘as is’ (or commonly referred to as ‘lift and shift’. These applications tend to derive the smallest benefit from porting to the Cloud since their architectures may not be tuned to take advantage of Cloud platforms.

Legacy Applications (Not In Production)

We also need to understand the applications that are NOT currently generating data, but are maintained because they are referenced from time to time – we call these legacy applications. These legacy applications are likely to be the ‘low hanging fruit’ for a Cloud migration plan – this is because you have the option to change the underlying application where this reference data sits. Then you have 3 options available to you as to what you can do with these legacy systems:

  1. Delete them! Some data may no longer be relevant; and you may find that some of this data is of poor quality and, thus, of limited value;
  2. ‘Lift and shift’ the original application but, as mentioned above, this reduces the likely benefits of moving to the Cloud;
  3. Remove the data from the application, move the data to a Cloud-based Clinical Data Repository. We’ll focus on this a little more below, as we believe this will give you the biggest ‘win win’ in migrating to the Cloud.


HealthStore Explainer Video
A Cloud-enabled Repository For Your Patient, Clinical, And Operational Data


Step 2 – Implement A Cloud-based Clinical Data Repository (CDR)

The HIMSS Electronic Medical Record Adoption Model (EMRAM) Digital Maturity model advocates the creation of a Clinical Data Repository (CDR). Implementing a CDR will provide the greatest long-term value if it is built on a modern operating platform like that offered by Cloud vendors. Extracting data from legacy applications and moving it to the Cloud will reduce the total cost of ownership of that data (for example, the cost of licences and infrastructure).

The CDR should accept content of all types, ranging from administrative PDF documents through to complex medical image data (and all in between). Consequently, it will provide a single location to search and access all historic patient, clinical, and operational information. This could be done directly via a simple web browser. But, importantly, the CDR can present information ‘in patient context’ through integration with your primary systems, such as the electronic health record (EHR). In this case, clinicians and supporting staff can access a much richer patient record using their existing clinical workflows and without having to log into multiple systems.

In the future, the CDR may become the primary location for storing all healthcare data. However, if it just contains legacy data, the CDR will be able to profile that information and ensure that it’s managed and maintained at a reasonable cost (if we accept the premise that legacy data will be accessed less frequently than ‘newer’ data).

Find out more about BridgeHead’s Clinical Data Repository, HealthStore®, where you can also book a call or arrange a product demonstration.

Step 3 – Futureproof Your Legacy Content

Data is becoming the biggest asset in managing clinical pathways. Not only is it the data that helps design the pathways and treatments; it’s also data that allows for the improvements of all aspects of that care. Over the coming years, you are going to be asked to do evermore with your data. We strongly recommend you plan for your Cloud-based CDR to be the primary focus of your efforts for these new requirements and capabilities.

Take artificial intelligence (AI), for example. AI will change the way you store and access data, or at least it will change the way some services store and access data. AI will need advanced and evolving search methods; it may need temporary storage structures; and it will need compute ‘on demand’ while you generate and update Machine Learning algorithms. Can you do any of that with your existing resources on-premise?

When it comes to AI, the value of well-maintained legacy data increases – this is because that data can be put to work to power AI activities. And all of this is much easier to achieve using the Cloud, such as compute ‘on demand’, which allows you to scale-up resource utilization as and where you need to. Today, all of the successful AI activities in healthcare are largely being delivered by the Cloud.

Although legacy data will initially power your drive to the Cloud, the CDR will start to futureproof your data assets.

To find out more about the best practices healthcare organizations should employ when creating a Legacy Application Retirement plan, check out this article, “All You Need To Know About Legacy Application Retirement”.

Step 4 – Secure Your Data Access

We are seeing more data generated in healthcare than ever before. This certainly poses a challenge when it comes to data storage. However, the real challenge you need to prepare for is the increase in the number of people and the volume of applications that will access that data and, critically, how you are going to secure that access. Removing legacy applications and moving as much data to a single management solution based on open standards (like a CDR), means you will reduce your threat surface and help manage the security of your data more effectively.

You will be able to bring your existing security tools to the Cloud, including services such as active directory. However, new requirements will mean you need new security wrappers. The Cloud will be able to provide solutions for the threats we see today as well as evolving to manage the threats we haven’t yet thought of. Consider the following:


The CDR will significantly reduce the likelihood of a ransomware attack being successful, especially if its Cloud based. Multiple copies of data will be available to access; and those copies will be hidden behind APIs through which ransomware ‘bots’ will find it hard to traverse. A CDR will reduce the number of security vulnerabilities simply by reducing the number of applications cyber criminals are able to target

Internet of Medical Things (IoMT)

In the case of the Internet of Medical Things, how are you going to accept data from patients? How will you quarantine this information until you have established its validity and then allow front-end systems, such as the PAS or EHR; to access that data? A CDR becomes the ideal place to house data created via IoMT. Though this information is not legacy, the same tools and processes you will have already put in place apply to both

Patient Access To Data

The future isn’t simply about patients generating data; it’s about patients accessing more content directly. This presents a major security headache! Identity management, especially for patients that are not in your active directory, is a challenge that will have to be solved. Where are those identity management tools already being deployed? Yes, you guessed it, in the Cloud.

HTN recently interviewed BridgeHead’s Data Management experts to discuss Data Protection and Cyber Security Strategy in Healthcare

Step 5 – Plan Your Interoperability

Today, interoperability is something we struggle to add to existing healthcare data silos and applications. With a Cloud-based CDR, the landscape is changing. Now the data is organized and secured, adding services (such as FHIR) to that repository becomes much easier. And considerations, such as firewall ports; are now better managed as the Cloud providers offer state-of-the-art facilities around security, for example, routing.

We all know that as soon as you implement FHIR, the next ‘big thing’ will emerge. You will then find yourself considering how you will support this ‘big thing’. Cloud operating platforms are always offering ‘quick starts’ for all the major standards that emerge, even in healthcare. After all, it was the Cloud and mobile vendors that were the first to support FHIR.

But, it’s not just the data standards we need to be mindful of. The location of the CDR will present you with new options regarding interoperability. If the majority of your data is in a single, central repository, you will only need to create one instance of a standard, such as FHIR; then apply it to the repository at large. As a result, most of your data will now be accessible using the FHIR standard. Remember, it’s much easier to migrate data out of legacy applications than it is to try and retrofit a standard, such as FHIR; and whatever comes thereafter.

Summary And Predictions

In many cases, moving your data to the Cloud offers a viable alternative to on-premise solutions. Having said that, at BridgeHead we believe that we are some way off all healthcare data being managed purely in a Cloud environment. As long as patient encounters continue to occur in our ‘bricks and mortar’ healthcare facilities, then data will continue to be generated onsite and there will be a continued need for on-premise solutions. However, we do see the ratios of on-premise versus Cloud coming closer. So, we predict that, in healthcare, the transition to the Cloud will largely be part of a hybrid deployment for the foreseeable future.

But Cloud really does come into its own when we consider: the total cost of ownership of your data; reducing security risks; and enhanced service provision. Cloud can enable the sharing of valuable patient information, which is then available to clinicians and support staff, where and when they need it, from outside the walls of your healthcare facility. However, our advice is to start small; start with your data in mind (don’t focus on moving your applications to the Cloud); ensure you create a long-term, futureproof home for your data; research your Cloud options and make an informed choice; and capitalise on your learnings.


Of course, Cloud suits some healthcare use cases more than others. And it’s not a ‘one size fits all’. So, if you would like advice on where to start your Cloud journey, or how to enhance or accelerate your Cloud adoption, we’d be delighted to talk to you. Just click the ‘Book A Call’ button and one of our representatives will be in touch.