The Use of the Cloud in PACS Applications

Back in 1966, Joni Mitchell sang these words in her song “Both Sides Now:” 

     I’ve looked at clouds from both sides now

     From up and down and still somehow

     It’s cloud illusions I recall

     I really don’t know clouds at all 

Almost 60 years and literally hundreds of articles on the topic of the cloud later, truer words were never spoken (or sung). Everyone and no one seems to be an expert on the cloud with opinions on what it is and how it works (or should work) all over the board. 

Three Approaches to the Cloud

Nearly all picture archiving and communication systems (PACS) claim to be in the cloud, whether cloud-native, cloud-based or cloud-enabled. Cloud-native is born in the cloud. The applications are designed to run in a public cloud like Amazon, Microsoft and Google offer. These cloud technologies allow for accessibility and scalability, and allow developers to continue to deliver new applications more quickly and easily.  

Cloud-based technology forms the middle ground between cloud-native and cloud-enabled approaches. These are used when a provider wants to leverage some of the capabilities of the cloud such as higher availability and scalability, but doesn’t want to completely redesign the application to use cloud services. Moving an in-house web application to cloud servers allows a vendor to have a “cloud-based” application. 

Cloud-enabled usually refers to applications built traditionally and then migrated to the cloud. This is what the majority of existing PACS are. The original design of these applications follows a monolithic approach and relies on local resources and hardware. It rewrites the existing code in order to improve its readability, reusability or structure without affecting its meaning, utilizing virtual resources while keeping the underlying architecture unchanged. The application cannot take advantage of shared services or resource pools as easily as cloud-native and, as a result, cannot provide the scalability and resiliency of other cloud applications. 

The main differences between each approach varies based on a number of areas. These include system design, ease of use, implementation, maintenance, pricing, security, storage, testing, disaster recovery and, of course, system performance. 

Deciding which solution is best depends on your application. While not everyone needs a cloud-native solution, these applications are designed to leverage the full potential of cloud services. They tend to provide more advanced security, optimized storage, efficient testing, robust disaster recovery and high performance. Because cloud-based applications were originally designed for in-premise environments, they may require more effort to achieve similar outcomes. The choice between these approaches should be considered relating to the specific needs and constraints of the application and organization. That said, the bottom line is all will work. 

Proponents of the cloud like to argue over what is the best advantage, often sounding like a Miller Lite beer commercial: “Tastes great! Less filling!” The truth is while the cloud offers many of the advantages, not all are applicable or even required by all sites. 

Nearly everyone can benefit from not having to purchase hardware that is obsolete within months of it being installed — if even that long. Having hardware and software located and supported by the vendor off-site is a huge plus. Still, a well-designed system will require some on-site hardware including the radiologists’ workstations, distributed backup servers, cybersecurity and interfaces to clinical systems, such as the electronic medical records (EMR) and others. These servers are used to allow the radiologist to continue to read in the event the connection to the cloud goes down. 

While you can have redundant network connectivity to the cloud, the costs often exceed the value especially relative to the 99+% SLA (service level agreements) that many of the cloud providers are committing to. Some sites also prefer to have and keep doing primary results reporting on site and replicate the data to the cloud. Ditto with off-site archiving as the cost to migrate the data to the cloud too often exceeds the value. An exception to this is situations where there are multiple hospital sites, outpatient centers and other facilities all sharing patient data internally as well as to other technical resources (i.e. doctors). 

The existing on-site archive, be it a VNA or other archive solution used, often suffices for many facilities, especially smaller sites like outpatient imaging centers and small (<200 bed) hospitals. This is not to say that you cannot or even should not consider migrating the existing data to the cloud. It just means that the costs sometimes exceed the value; these need to be weighed out. Of course, having standardized data shared in a central database has its own intrinsic value as well. 

Using operating expenses (OpEx) capital expenditures (CapEx) is by far the biggest single advantage the cloud offers. Most replacement PACS take two or more years from the submission of budget to approval to spend. In that time pricing and system designs have often changed, as well as the initial vendor of choice. With OpEx you bundle all costs at a fixed price per procedure that incorporates software, support and often training and implementation as well. The only additional costs are usually cloud connectivity, however, this varies depending on speed, distance to the nearest hub and volume. Op Ex also allows a site to budget based on current and projected volume growth.

Ensuring Data Protection

Concerns about data security and HIPAA compliance have made a 360 turn in the past few years. Many providers shied away from cloud over the past decade, then embraced it slowly looking more closely at how the cloud could actually enhance cybersecurity. It used to be having a business associate agreement (BAA) in place was sufficient to cover the facility from penalties associated with a breach. After the recent Change Healthcare breach, however, many IT departments and radiologist alike are now back to taking a closer look at what is being done to prevent breaches, and addressing who is responsible for data protection. 

Technically it used to be the healthcare provider and not third party that was the responsible party for preserving and protecting patient data. In early June, HHS indicated that radiology facilities were not responsible for breach notifications after the Change cyberattack, and that the provider was responsible for notifying affected parties. It did not address HIPAA penalties, but one would have to assume that if the breach was not related to that of the facility, penalties would not be enforced. If the breach was a result of something the facility or its participants were responsible for (radiologist reading from home for example), then the circumstances need to be closely reviewed before any HIPAA penalties are accessed. Because of these changes most IT departments are taking a closer look at their cybersecurity schema well beyond the use of a virtual private network, including the use of data encryption.

The need for high-powered servers for processing much of the AI data often dictates that it be done in the cloud. Having a PACS in the cloud along with AI allows current and prior data to be matched up, sent to the AI server, have the data processed, then sent back to the radiologist for interpretation. Because of the processing power required to process the data in an AI application, the cost for a dedicated on-site AI server is often prohibitive. In addition, like nearly every other piece of hardware, except maybe monitors, the hardware used is obsolete within months of it getting installed.

Various forms of AI require different server applications as well. Workflow orchestration — where studies are directed to the radiologist to be read based on a host of factors — helps avoid cherry picking or selecting those studies with the highest RVU value, which can be done transparently using AI as well. Again though, this is better done off-site.

Most PACS have at least one systems administrator as well as additional IT support. Moving to the cloud can reduce the amount of required system support and show significant cost savings over a five- or seven-year return on investment (ROI) period. 

Being in the cloud is a plus for many facilities, and makes it easier for Locems Tenens and after-hours coverage if the contracted group does not provide this. From a facilities standpoint, having a cloud-based system offers a clear-cut line of demarcation allowing studies to be read without having to allow access to any of the facilities’ clinical systems, including PACS. 

Cloud Radiology Information System, or Cloud RIS, is also starting to come of age. It improves data accessibility, enhances collaboration among medical professionals and allows for cost effective storage solutions as well.  

Making Every Dime Count

Choosing a PACS vendor’s cloud solution is more involved than just picking which approach you select. Some vendors support all three of the major cloud providers, while others have a relationship with just one. Some perform the data migration internally, while others use third-party solutions. Some use proprietary hardware at the workstation level while others use commercial off the shelf (COTS) hardware. Nearly all use monitors designed for radiology reading applications with laptop applications being the only exclusion. As crazy as it may sound, focusing solely on technical specs doesn’t really matter. Performance is key regardless of how it is done. 

Radiology is a game of volume and seconds. If you can shave 10 seconds off an interpretation through faster display times, implementing a better workflow, using AI, or any other means, that benefits the radiologist and facility that significantly reduce the return on investment (ROI). And the bottom line with anything being used from a technology standpoint is “Will it make me money or save me money?” Improving patient care matters but not at the expense of either the facility or radiologists. This comment will no doubt be considered controversial, but in these challenging economic times, every dime counts. Once AI algorithms are given, a schedule I CPT code and payment is mandatory, the floodgates may open up for using AI. Until then, less than a handful of companies have a schedule III CPT code that allows an insurer (but not Medicare or Medicaid) to pay for emerging technologies if/as desired. Some, but not many, facilities will use AI technology and bundle the cost with the study cost for private insurers and self pays, however these are exceptions rather than the rule.

The cloud has become the defacto standard with on-premise solutions relegated to being used selectively. These include small outpatient imaging centers, smaller facilities, or multi-site facilities where IT resources are deep and the preference is to maintain everything within the facility, or at least a site controlled by the facility (for now). Once clouds prove they can address the needs of everyone in a cost-effective manner, you will see the cloud become almost universally adopted.

Michael J. Cannavo, better known as the PACSMan, has been in the medical imaging marketplace for over 40 years working with hospitals, radiology groups and imaging centers, proposing and implementing workable, cost-effective solutions for imaging department. He has had over 350 articles on PACS and AI technology published in industry trade journals and has extensive experience in the implementing of both on-premises and cloud solutions as well.