Medical Imaging Cloud Storage Sooner then Later

| April 15, 2017

by Brien Posey

Cloud storage can relieve the heavy burden on local medical imaging storage, but health IT leaders must consider security, data access and five other key factors before jumping in.

Today, health care providers are generating high-resolution imaging data at an unprecedented rate. There is no denying that imaging software goes a long way toward improving patient care, but medical imaging storage can be quite a challenge. Many organizations are beginning to discover it’s much more cost-effective to store imaging data in the cloud than to store it locally.

Even so, there are advantages and disadvantages to working with a cloud storage provider. Here are seven factors to take into account.


Without a doubt, cloud storage’s biggest benefit is pricing. Cloud-based storage is almost always less expensive than local storage. Plus, if you subscribe to a Software as a Service, or SaaS, application, its vendor might provide application data storage for free.


Even if a cloud storage provider claims to adhere to all of HIPAA’s requirements, those claims are worthless unless auditors have a way of verifying them.

Another advantage to online medical imaging storage is that you rarely will have to think about storage capacity. Sure, you might have to pay a little bit more if you exceed a predetermined limit, but you will never have to deal with the types of capacity issues that come into play when data is stored locally. For instance, when using cloud services, you won’t find yourself having to place an emergency order for a new storage array because you suddenly realize you are about to run out of disk space.

Disaster recovery

A tremendous benefit of using cloud storage is that most service providers assume the responsibility for backing up your data. Even so, you should ask your provider about what it backs up and how often. Some provide storage only as an infrastructure component, not as a service, and therefore leave clients to back up their own data.


We all know that health care providers are required to maintain HIPAA compliance, but have you stopped to think about how moving your storage to the cloud might affect compliance? Even if a cloud storage provider claims to adhere to all of HIPAA’s requirements, those claims are worthless unless auditors have a way of verifying them.


When it comes to online medical imaging storage, security is something of a double-edged sword. On the one hand, most reputable cloud storage providers have top-notch security. On the other hand, the reason cloud storage providers typically have such good security is because they have to. If you stop and really think about it, cloud storage providers advertise the fact that they are in the business of storing people’s data. What could possibly make for a more tempting target than a place that advertises it has been entrusted with countless terabytes of sensitive data?

The situation is a bit different for small health care providers storing all their medical imaging data locally. What are the odds of a hacker attempting to get into that data? In my experience, relatively small. Such organizations have what I like to refer to as security through obscurity. In other words, hackers can’t break into a place they have never even heard of. And even if a hacker knows about a particular small organization, he might assume that breaking in would be a waste of time and move on to a bigger target with much more data.

Of course, this doesn’t mean that small organizations shouldn’t use good security. Even if a hacker never attacks an organization directly, malware infections can do just as much to compromise patient data. Furthermore, some hackers prefer to break into small organizations because they usually have lighter security than larger firms and are less likely to detect a security breach.

Data ownership

One of the biggest issues you need to research if you are considering moving your imaging data to the cloud is that of data ownership. When cloud providers first began offering storage, there were a few whose cloud storage SLA (service level agreement) contained fine print essentially stating that the subscriber’s data became its property. I haven’t heard of any doing this recently, but it is still something to check.

Even if a cloud storage provider does not take legal ownership of your data, you could find that it has practical ownership. In other words, logistical issues could stand in the way of you moving your data back on-site should the need ever arise.

Being able to move your data is an extremely important consideration. You have to be able to walk away from a cloud storage provider (with data in hand) if you ever become dissatisfied with its service. Besides, if moving your data becomes impossible, there is nothing stopping the cloud provider from steadily increasing the price of storage. It could be holding your data hostage as a way of extorting more money from you.

While I am on the subject, I also want to address something no one wants to think about: What if your cloud storage provider simply closes its doors, never to be heard from again? Do you and all the vendor’s other customers lose all your data? It is important to have a very frank discussion with any storage provider you are considering using about the firm’s financial stability and contingency plans.

Speed and data access

Finally, it is important to remember that no matter how good your cloud service provider might be, your ability to store and access imaging data ultimately boils down to your Internet connection. If your Internet service goes down, you will have no access to any of the hosted data until connectivity is restored.

More importantly, many Internet service providers throttle data based on use. For example, if your ISP determines that you are consuming a disproportionate amount of bandwidth by uploading and downloading a lot of high-resolution images, it might throttle your connection as a way of forcing you to use less bandwidth. This scenario and others make it essential that you check on your ISP’s throttling policy.

While you are at it, it is also important to check with your ISP to see what kinds of transfer speeds you are paying for. It is very common for ISPs to advertise high download speeds, but to limit upload speeds severely. For example, my own Internet service includes 7 Mbps for downloads, but only 512 Kb for uploads.

In conclusion, the use of high-resolution medical images has forced health care providers to search for affordable storage options. Using cloud storage can cut costs tremendously and can liberate organizations from the headaches of backups and storage capacity planning. These benefits, however, are not risk-free, and it is critical for health IT professionals to understand those risks before they move storage to the cloud.

About the author: Brien M. Posey, MCSE, is a Microsoft Most Valuable Professional for his work with Windows 2000 Server and IIS. He has served as CIO for a nationwide chain of hospitals and was once in charge of IT security for Fort Knox. Write to him at

Category: Uncategorized

Comments are closed.