Another day, another huge data breach and enough money spent on spin and Marketing deflection to seemingly support a small country.
In medicine, this doesn’t fly. Doctors under time pressure are a lot like Navy SEALS, they “Own It”. They’re accountable to their patients’ life and death results. The good ones aren’t pointing fingers and assigning blame to every possible externality. They own the patient’s outcome and that’s what makes them excellent. Their best administrative peers share this philosophy making highly accountable teammates a rare, cherished breed in medicine.
What does this have to do with technology and cloud?
Some reports put cloud computing adoption in medicine as low as 6% [1]. With all the hype of cloud, how can this be you ask? It’s simple for two reasons 1) Healthcare doesn’t trust cloud, period. Every time a customer gets blamed for a major breach, this trust is further eroded. 2) There’s misalignment regarding what healthcare needs to be successful and how legacy cloud vendors make money. They don’t make money until much of the hard work that needs to be done to assess, then select an appropriate instance for any target workload is complete. There are few if any truly independent sources of advice for implementing cloud solutions in healthcare. And thus operationalizing cloud workloads have continued to be delayed.
The vendors pitching health system CIOs often do not fully comprehend the regulatory compliance, security, privacy, and operational complexity that dictate requirements in healthcare. They also don’t understand that technical failure can kill actual humans. Consumer born companies are not built with the intricacies of healthcare requirements at the core which is required to keep patients safe.
As we debate decisions and tradeoffs of our third generation cloud based platform with CxO’s, we have not only learned an enormous amount about cloud computing; At Medigram, we also went out and found a leader with unparalleled cloud and security experience with Eric Svetcov’s appointment to CTO & CSO. Together the team aims to be that brand agnostic CxO advisor who transcends the noise of the hand to hand combat many of you describe having to filter which is depicted to the right of the above infographic. Over the next weeks, we will publish 4 more of a series of 5 including this post on key concepts about cloud computing in medicine. We want to thank our CIO & CISO mentors, advisors, and collaborators for inspiring us. We hope this saves you tremendous time and confusion as you map your IT organization’s journey. Until next time, the image below provides food for thought for planning your effective cloud journey.
Sincerely,
Sherri Douville & Eric Svetcov
[1] 451 Research report on Cloud Adoption in Healthcare
Eric Svetcov is CSO and CTO for Medigram. Eric is an Information Security and IT authority with International Experience and Deep Cloud Computing Knowledge. He is a recognized leader in the healthcare technology space for building highly resilient and performant solutions with security, privacy and compliance requirements built in at all levels of the solution. Some highlights include Eric’s leadership as a startup veteran whereas he built the security program and IT operations from scratch 4 times. He lives to deliver best in class security program and product; he is adept at building effective security solutions that allow clients to sleep well at night.
In any professional sport whether that is football, basketball, and business, Svetcov knows that offense gets you in the door, but it’s great security defense that keeps you in the game; Eric knows that it is the team that wins championships.
Eric Svetcov has repeatedly built security programs that meet certification programs the first time. He co-wrote the book on how CISOs should perform. He also lead the team that won the race for the first ISO 27001 certification for cloud companies.
Having clients using our solution to save or improve lives electrifies the Medigram team. Eric is driven to improve patient care. He does that by and is widely known for driving cutting edge solutions with embedded market winning compliance requirements into high performance cloud computing solutions that solve customer business problems. Eric shares the Medigram team’s passion for helping all stakeholders win together by bringing deep cross functional leadership to the market. This is to help make stakeholders better at their jobs – and helping them be successful in securing and delivering information quickly on mobile so that teams of doctors may save lives quickly.
Svetcov re-designed architecture and infrastructure for a real-time data analytics product delivering $18MM ARR in its first year, drove IT/Operations/Security that enabled 5x headcount growth over a 2-year period. Eric builds scalable Governance/Security programs, including ISO 27001, HITRUST, HIPAA, COBIT, and ITIL in rapid growth environments.
He was an Advisory Council member for the CISO Executive Network, led the first global Cloud Computing Company (Salesforce) through ISO 27001 Certification and did it again with Mede/Analytics where he also led HITRUST Certification with more than 700 assessed controls. Eric’s deep experience includes acting as Caldicott Guardian, Chief Privacy Officer, and Data Protection Officer.
Eric is excited about applying his experience in Architecture, Solution Design, Security, Privacy, IT, Support, & Technical Operations to build one of the most important companies of our time. At Medigram we are building a new kind of company to solve some of the hardest challenges in medicine; initially targeting to save hundreds of thousands of lives and delay disability for millions more. He is skilled at engendering confidence, trust, and performance with both internal and external teams to deliver within specified timeframes. He believes that focusing on privacy and security and leading it is not only the ethical choice, but also good for customers and business
Eric’s confidence in building systems, stems in part by his experience teaching cloud security to security leadership in both the private and government sectors. He built the original HIPAA audit program that KPMG used for U.S. Department of Health and Human System audits. He is a member of the CISO executive network and former advisory board member of CISO executive network, where he learns from and co-mentors and collaborates with other experts including through speaking at conferences
At Medigram, Eric Svetcov is working to build the standard that every organization can aspire to and for developing and nurturing security leaders –he’s always striving with the team on how we can impact and make a difference.
In his off hours, Eric enjoys sports with his kids and spends time on his passion for bringing up standards for cyber security nationally. He continues to spend part of his free time creating training programs and writing about cybersecurity.
