In this blog we’re going to continue looking at real examples of Application Decommissioning success stories—this time in the Healthcare industry. Here we are looking at a complex network of healthcare providers (hospitals, clinics, pharmacies, labs, doctors, dentists, and so forth), healthcare insurance plans, and other related organizations such as billing services and electronic health information exchanges. All of them highly interconnected and sharing sensitive data.
Protected Health Information
In the United States, all of this is subject to strict privacy rules concerning “individually identifiable health information” under HIPAA regulations. This “Protected Health Information” (PHI) includes anything related to a person’s health conditions, health care services, and payments for health care—whether in the past, present, or future.
For PHI stored or transmitted electronically (e-PHI), HIPPA also imposes rigorous security requirements including physical and electronic access control, data integrity and retention controls, and comprehensive audit trail. Improperly disclosing or failing to secure such information can result in fines of $50,000 or more. And other federal and state privacy laws exist to further protect certain kinds of “sensitive” medical information—such as mental health, substance abuse, and HIV status. Globally, many other countries have enacted similar laws and regulations.
Remaining in Compliance while Realizing Significant Savings
In such a highly regulated environment, it’s no wonder that maintaining legacy medical information in the original compliant applications seems prudent. But as in other industries, this approach results in huge maintenance costs to keep running outdated systems. And as these systems become unsupported and increasingly unstable, they can actually increase the risk of non-compliance.
For these reasons, we’ve been helping a variety of different healthcare organizations to implement Application Decommissioning.[1] In all cases, our clients have already realized significant savings from their initial efforts, and have identified many more opportunities for additional savings.
As one example, we worked with a network of 10 hospitals and 48 clinics to decommission a set of home-grown legacy applications that had been replaced by an Epic EMR system. Three applications were chosen for an initial proof of concept, covering both patient information and human resources data. These systems used a combination of older ADABAS “inverted list” database technology—running on a decades-old mainframe—and a SQL Server database running on Windows 2008.
With the help of IBM’s DataStage ETL (Extract-Transform-Load) tool, we were able to successfully extract 2.4 terabytes of legacy data, convert it to XML format, and store it securely in InfoArchive. This included a complex process of integrating EBCDIC mainframe data with ASCII-based RTF, HTML and untagged text data—resulting in seamless XML-based electronic records. And access security was seamlessly integrated with the existing Active Directory implementation.
Easy Search and Reporting
Using the powerful capabilities of InfoArchive, we also implemented modern search techniques while recreating all the original legacy reports. That’s actually a pretty big deal, as there were many such legacy queries and reports to replicate. But this was an absolutely critical step to ensuring that users continue to have all the access they need in way that is familiar to them.
With the ability to turn off the old mainframes and stop paying for experts in the old technology, millions of dollars in annual maintenance costs will be saved. And with InfoArchive’s rigorous security, privacy, and data retention controls, the risk of non-compliance will be significantly reduced. All of this was accomplished in about 5 months, providing very quick results. Our customer is now moving on to decommission the next wave of legacy applications based on the plan we developed with them. The annual savings will keep accumulating as this plan is executed.
In our next blog, we’ll highlight several more Healthcare examples—focusing especially on the explosive trend of healthcare merger and acquisition.
[1] In a previous blog we defined Application Decommissioning as the process of systematically retiring outdated and costly legacy applications without compromising business needs or compliance requirements. We do this with various tools and processes built on top of the robust InfoArchive platform.