Frank Nydam is senior director of healthcare solutions in the office of the CTO of VMware.
Tell me about yourself and the company.
I’ve been with the company for just over 12 years. The last seven have been dedicated to our healthcare provider market. My team and I develop solutions along with our customers and ISV clinical application partners to help healthcare make that jump from yesteryear to tomorrow.
CIOs have to deal with infrastructure issues such as security, mobility, and cloud computing. What worries CIOs the most?
Top of mind in the last couple weeks has been security. I’d like to touch on that, but prior to that, it’s the overwhelming complexity that healthcare CIOs are dealing with.
If you think about the last 20 years of the applications and the infrastructure they needed to build to support the hospital, they still need to support that infrastructure and application set today, yet some of those technologies are pretty old and brittle. If you look at some of the new services, EMRs, and new mobile services, it’s almost a collision between the old world and the new world. That’s on top of their mind. That’s a lot of complexity to try to fit those two worlds together.
Number two is definitely security. With the recent breaches out there, I’ve had several CIOs say to me that the only thing the board would like to talk to them about is keeping their names out of the paper. That is definitely a big issue now. Obviously with so much complexity, it’s very hard to secure assets like that. That’s been our main talking point when I’ve been on the road meeting with our customers.
Everybody was worried about external hacking against their domains, but the big problem seems to be phishing attacks used to steal administrator credentials. Do any solutions look promising for that problem?
A good analogy would be that if you look at a hard-boiled egg, it’s very secure on the perimeter. It’s got a hard shell. If you look at healthcare security, we do a good job of securing the perimeter of the hospital from intrusions. But once somebody gets in and breaks through that proverbial egg, they have the full run of the infrastructure. Once they’re in, they can start snooping around, picking up passwords, data, what have you.
We have been focused on what happens once you get through that perimeter security. We purchased a company just about two years ago called Nicira. It was a startup out of Stanford. Our goal here is to do for networking what VMware has done to the compute side, to provide policy-based network services. Not at just at the perimeter, but for every workload, and make it really intelligent that regardless of the location of that virtual machine, it’s always protected by that security policy. It can only ever talk to its web server or its client.
We feel that’s going to help what we call the east-west communications. Going back to the egg analogy, if somebody does get through the perimeter, how are we going to protect the inside of that? We’re bullish on that. It’s a solution we have been working with in our enterprise customers. We’re trying to bring that into the healthcare industry right now.
Maybe hackers are using phishing attacks because perimeter security is working and they had to look for other weaknesses. Could there be a virtual firewall for the desktop since you have control of each VMware session and also AirWatch for mobile sessions? Can you protect users similarly to the way firewalls and antivirus software work?
Absolutely. If you walk through that from a virtual desktop perspective, we created a solution called AlwaysOn Point of Care. Right off the bat, the patient records never leave the data center. We present that desktop out to the clinician, whether it’s on a mobile device, on a desktop, what have you. That first step of security is not even having the patient records outside the perimeter.
You hit it on the head. Our product called NSX provides a distributed firewall in every single ESX server that’s out there. Whether it’s a VDI desktop, a server application, what have you, we put a virtual firewall around that device, around that application. If you think about trying to do that in the physical world, it would be nearly impossible to put a physical firewall in front of every single desktop device and application out there. It’s physically impossible as well as financially impossible. That’s one of the benefits and disruptions of our technology, that ability to have a firewall in front of everything and protect it. A term out there that’s emerging for that would be called micro-segmentation.
It’s been just over a year since VMware acquired AirWatch. What are hospitals doing with it?
If you look at healthcare, there’s not only an external generational issue with patient population, but it’s internal as well. The younger physicians want that same experience that they have outside the hospital inside the hospital. Call it BOD, call it what you wish. AirWatch allows us to provide that consumer-like experience to that physician so they can take their patient records home with them and work from home. We often get, “It’s really changed my family life because I can start doing charting from home rather than being inside the hospital. It has really been a revolution for us.”
But we’re just scratching what we’re going to be able to do with the AirWatch product. If you think about higher-level features, imagine geo-fencing to be able to contextually say, the doctor is outside of the hospital, they’re at home, they want to do e-prescribing. Let’s enforce two-factor authentication so they can do e-prescribing. But if they’re inside the hospital on that specific network on that specific device, let’s make it easier for the physician to do their job and take some clicks out of that workflow.
We feel that’s that next stage. We’re calling it the next-generation clinical workspace. How do we move from the technology of 20 years ago and give that physician that workspace, that device, regardless of their location application, to get their job done?
Is a point coming where hospitals can get away from running physical data centers and managing servers and infrastructure and get back to their core mission of using rather than maintaining technology?
Absolutely. We believe it’s going to be a hybrid world, meaning that we’re going to see hospitals continue to hold on to some of their infrastructure and applications where they feel its core value to the hospital. They’ll run that on-premise in a private cloud.
But for applications that no longer fit the mission but are required for the hospital to run, we’re starting to see those applications move out to a hybrid cloud. In our world, we want that private cloud and public cloud to be connected, and that’s what we call hybrid.
Probably the biggest use case we see for hospitals right now is something we’re calling legacy decommissioning. If you think about all the mergers and acquisitions that are going on in healthcare today, hospitals are saddled with a lot of old data and old applications that may not be core to their mission any longer, but they need to take it forward for merger acquisition or for read-only. We’re allowing our customers to decommission that legacy data and those applications to a cloud that looks, feels, smells, has all the security of their private cloud, yet it sits in a VMware vCloud — what we call VMware vCloud Air. We believe that’s a great first step for a lot of these hospitals who may be wary of putting PHI in the cloud or older applications or even newer applications. That has been a big hit for us.
In medicine it’s not that we don’t have enough medical experts, they’re just not spread out equally, so Boston has a lot and North Dakota doesn’t. The same is true with technology support talent, where small, rural hospitals don’t have the same technical resources. Will a move to cloud access better distribute the technical expertise needed to keep applications running?
That’s absolutely correct. I’m personally passionate about rural healthcare. I think it’s something we as an industry need to keep an eye on, making sure that these rural community hospitals, physicians, and caregivers are getting access to the right data, new applications, what have you. The ability to run some of this in the cloud and let a developer that’s really good at MUMPS in Boston support a physician or a small community practice of North Dakota — that’s a perfect use case for helping retain our rural community healthcare centers.
It’s almost like a democratization of healthcare IT talent in the same way that you can be a C++ developer sitting in Germany working for an American company. We need to bring the same type of democratization of skill sets into healthcare.
What are small and medium community health systems doing with the cloud?
It’s funny — there’s been so much “cloud washing” over the last five or 10 years that we had found ourselves stopping using the word “cloud.” I’ve seen some CIOs actually putting in a spam filter that says any email with the word "cloud," send it to the junk bin.
We took a different approach. We sat back with our customers and focus groups and said, at the end of the day, what are you trying to get out of that? What’s the outcome you’re trying to get from going to a cloud? They came back to us with about eight outcomes that any cloud should provide. That allowed us and our customers to focus on the outcome they’re trying to get rather than this fluffy computing term called cloud.
We built a framework called vCloud for Healthcare that defines the outcomes that a hospital can consume, whether they be application delivery services like virtual desktop or AirWatch to analytical, financial, and continuity services. That has allowed the smaller hospitals to consume and find value out of it quicker. Because again, there has been so much cloud washing that some vendors were walking and saying, “We can do anything with the cloud.” It was slowing down progress and innovation. Defining the outcomes and not being too concerned about the big fluffy name has helped us move along.
I’ll give you a great example. I had mentioned earlier legacy decommissioning. It’s a great opportunity for a small community hospital to see and feel what it looks like to use the same tools that they use internally and externally and relieve some pressure — regulatory pressure, data center pressure, and financial pressure. You hit it on the head — there is a big disparity between larger IDNs and academic research centers versus the community hospitals. This has really helped them.
Do you have any final thoughts?
When I started here, we were about a 300-person company. We’re about a 17,000-person company now. It has been quite a journey over the last seven years focusing on a specific customer set. I have been able to attract some of the most passionate and talented healthcare IT professionals. I have former CIOs, CEOs across the country, and heck, some folks even have patents out there in smart room technology.
This has been not only rewarding personally and professionally, but I’d like to look back on my career to be able to say we’ve left healthcare with something positive. Not from a sales perspective or a revenue perspective, but that we can look back five or 10 years from now and say we made healthcare a little bit better for you, my family, what have you. Some would say that’s a pretty idealistic view of the world, but it’s a great way to get up every day and help our customers. I just am so jazzed about the future of what we’re going to be able to do.
We need to help healthcare IT industrialize itself. For too long it’s been a piecemeal of this part and that part. I’m excited about how we can help healthcare industrialize, to make them look, feel, and act a little bit more like financial services so they can go innovate.
I do a lot of traveling and I see a lot of frustration out there among customers just trying to keep the lights on all day. We’ve got to get you guys away from just keeping the lights on and get back to your day job so you can innovate. That’s what gets me going in the morning.