Storage VARs Monitor HIPAA

"We give them the good, the bad and the ugly," says Jerry Carleo, channel support manager at StorServer, Colorado Springs, Colo. "Then we look at where the StorServer backup technology can be of use."

It's an obvious assumption that HIPAA is forcing many in the health-care profession to move from paper to electronic records in order to comply with rules regarding the privacy and security of patient information. Suffice it to say, all of this data now needs to be stored and protected somewhere. The end result is that health-care providers are gobbling up increasing amounts of storage, creating SANs, shoring up disaster-recovery plans and investing in storage-management solutions. And one way vendors are gearing up for this business is by forming partnerships with health-care solution providers, ISVs and consulting firms.

"The larger entities are having the greater degree of challenge because they have classically been trying to manage everything at a much higher level than really what is called for in the HIPAA regulations to date," Carleo says.

StorServer, which primarily sells through solution providers, began working with PDM Consulting last fall. Another pairing is EMC's March partnership with GE Medical Systems, which develops and deploys health-care applications. That resulted in deals for EMC with UCLA Medical Center, Loyola University Medical Center and Princeton Medical Center. Similarly, in February, leading storage technology vendor StorageTek formed an alliance with Stockell, a health-care consulting firm and solution provider based in St. Louis, to help health-care clients quickly come into compliance with HIPAA privacy and security rules.

Tackling Volume

In many cases, HIPAA is forcing health-care companies,particularly hospitals,to evaluate their IT infrastructures and how they manage and store data. Some of these companies process 4 million transactions a month.

Take, for example, National Medical Health Card Systems (NMHC), a Port Washington, N.Y.-based company that manages prescription-drug programs and is responsible for 2.5 million patient records. The HIPAA rules increased the company's backups by 20 percent, says Mark Deck, NMHC's director of infrastructure and technology. And Deck needed to streamline the company's backup processes under a unified solution to reduce compliance costs.

Like many midrange companies, NMHC had one backup solution for its Unix-based applications and another for its Windows-Intel environments, says Tony Ferrante, associate vice president of sales for Computer Design and Integrator, a Teterboro, N.J.-based VAR that helped NMHC revamp its backup practices. He says NMHC was close to achieving a unified tape backup solution in which all data is backed up on an enterprise SAN, regardless of the hardware or software platform.

"These were single applications, and traditionally they were segregated from the enterprise environment," Ferrante says. "What I have seen lately is the enterprise and Wintel space are starting to merge more. The CIOs are taking a stronger interest [in storage management] because they need to do more with less."

It's not just HIPAA that's driving health-care technology spending. Ferrante says the technology is finally reaching a point where it is useful in tackling health-care issues and problems. Ferrante also says health-care organizations are increasingly hiring managers with business and finance backgrounds who are willing to invest in IT. n