HIPAA Compliance. Boom, done for me. The laws on the use of cloud services for storing of patient data see to depend on where you live, what courts have ruled in which ways and how well you can explain to an investigator that you are working to encrypt everything. And the Internet sucks out here. It sucks so terribly bad that it goes down at least once a month. Each outage puts you dead in the water, unless you have local access to the data which negates the cloud in the first place. One of the joys of working health care. Funny story time, so gather around all. The local hospital, about the time I started the current gig a decade or so ago was take over by stock guys. These guys did not know anything about running a hospital but they knew how to use stocks and bonds to trade companies and write reports that Banks and Brokers loved. After the buyout was done, they canned the entire IT staff and outsourced EVERYTHING. Once the outsourcing was done, it cost $100 to replace a keyboard or mouse, $150 to do a monitor swap, all the first line tech support went from people in the building to people overseas, the network team was replaced with a contractor that was also working for other hospitals and did not care to prioritize any of them, and the hospital completely botched the relationship with the local IT/tech community. The outsourcing saved, if the rumors are to be believed, $600,000 in each of the first two years. Then stuff started the break and fail. And the contracting company got it fixed on THEIR schedule. People started to complain about how bad the IT was. Meanwhile, we were still insourced, but a few docs thought they should look into outsourcing us. We sent them to go talk to the hospital, which killed that talk thankfully. ACA is passed and hospitals now have to go EMR. The local tech community is still pissed over the way the outsourcing happened so they had to go with people from out of town who did not understand the city culture, did not fit in with the teams who would up doing the actual work, and from what I hear, they had to pay way extra to train people who no longer had a local internal IT group to learn from. The EMR rollout did not go well. The hospital is now a part of a larger group and some of the physician groups are demanding local IT people, but they cannot do it due to contracts with the overseas people and the local contractors who are now riding out till the end of the contracts they signed. There are certain tasks that IMO should be outsourced. Building an initial web site, hosting the web site, training on computer skills, running cabling, the stuff that gets done once in a while. But hire a team that can do the tiny tasks in house and not have to spend money and time waiting on the out side sources. A good IT team is never around until its time for meetings justifying their pay and budgets. A great IT team helps build skills and makes the end user community more tech savvy and efficient at their jobs. And losing that institutional ability and skill set if not done right is like throwing sandpaper in the gears of a business.Nah, the hardest thing is explaining why that's bad.
But anyone you're having that discussion with has never met a good systems administrator, thinks of systems administrators as expensive janitors, and assumes the interesting problems a sysadmin should be solving belong to the application programmers instead.