More than a path to digitization or a mere advancement in monitoring, Cisco Full-Stack Observability solutions are a strategic asset that empower patient care and clinical outcomes via secure, performant, always-available digital experiences

The healthcare ecosystem faces an entirely new environment than it did even just a few short years ago.  Healthcare organizations are under enormous pressure to integrate the latest technologies into their business models and IT architectures. This is disrupting service-delivery processes, patient interactions, and administrative operations, and has set digital experience expectations skyrocketing.

Enhanced patient satisfaction and engagement were the top digital transformation priorities for 92% of health systems in a recent Deloitte-Scottsdale Institute survey. Simultaneously, these organizations are grappling with evolving regulatory and risk concerns, as well as significant staffing strains.

Supporting this transformation is a vast ecosystem of mobile medical, m-health, and point-of-care (POC) applications for accessing, managing, and storing electronic health records (EHRs), electronic medical records (EMRs), and patient healthcare records (PHRs). They are used for purposes spanning health data analytics, appointment booking, pharmacy medication reminders, telehealth, remote patient monitoring (RPM), and secure access to information held in structured and unstructured repositories such as databases and medical imaging systems.

Healthcare institutions are also realizing the importance of AI-powered tools to bring cost savings, process efficiency, and better clinical outcomes. The National Institutes of Health (NIH) indicates that AI applications will cut annual US healthcare costs by $150 billion – about $460 per person the US – in 2026.

Overall, these applications improve access to care, decision making, and communication with patients, specialists, suppliers, insurance carriers, billing departments, and risk management personnel. As such they need to be made HIPAA compliant and ensure data privacy and security.

However, a recent survey of National Health Service (NHS) trusts in the UK shows unreliable infrastructure and poorly performing systems compromise patient safety by making it difficult to quickly access vital information. Estimates show that 27% of clinicians lose over four hours of productive work each week as a result.

Moreover, a survey on EHR Response Time & Reliability reveals that almost half (44%) of clinicians do not agree that their EHR is fast enough. In terms of system reliability, 23% of clinicians do not agree their EHR is available when needed.

Digital transformation among healthcare organizations, and the chronic lack of resources to support secure, always-on, performant digital experiences, means inefficient, unstable, and unavailable applications and infrastructure are more than mere inconveniences. Inability to access critical patient information in a timely manner due to poor application performance directly affects practitioners’ ability to deliver safe and effective care.

The consequences are real. Consider a patient in crisis while a nurse waits for a slow application to help assess records and determine what medication can be safely administered. Or imagine the human cost of even an hour of downtime due to a data breach or broken applications programming interface (API) call – lives quite literally hang in the balance.

Observability aligns with organizational objectives

The challenge for technologists in healthcare settings is managing the growing complexity of the disparate tools and technologies that support applications and the digital experiences they enable, while keeping them secure. They have often relied on monitoring solutions to understand the status of system performance and reliability, and a patchwork of security solutions to detect and fend off potential security threats, leading to the development of IT and operational silos.

Just as medical telemetry systems capture patients’ vital signs and transmit them to a central monitor for analysis, multiple infrastructure and application monitoring tools capture and leverage metrics, events, logs, and traces (MELT) — collectively referred to as telemetry data — to provide some level of insight into the state of each of the underlying layers of virtualization, serverless components, APIs, and multi-cloud configurations.

However, they are simply a means to identify whether systems are operating outside of pre-determined baselines. They deliver a torrent of unmanageable alerts on anomalous behavior that must be analyzed and prioritized in real time by beleaguered IT and security teams. Monitoring also falls short in providing cross-domain and service delivery insight, information about operational dependencies, and the ability to predict the likely consequences of a given status.

Lack of standardization and interoperability across data-driven systems and solutions also poses a critical challenge, contributing to growing burdens of cost and time from the need to support manual workflows that manage and align disparate data sources. As a result, identifying the root causes of performance problems can be extraordinarily complex and is often so time-consuming that problems are sometimes ignored unless critical.

This has created blind spots where technologists encounter significant delays in identifying performance and security issues, triaging and fixing them. Technologists have needed to rely on an IT war room approach to troubleshooting performance or security problems, gathering experts from cross-functional teams to assess whether the root cause lies within their area of responsibility. This is painfully expensive as numerous team members spend time investigating issues that were never theirs to find or resolve.

The Cisco answer is observability over the full application stack – Cisco Full-Stack Observability. It is more than simply a path to digitization or an advancement in monitoring capabilities, but rather a strategic asset. It cuts through the clutter by using the information contained within vast streams of incoming MELT generated by healthcare IT systems and applications to create actionable recommendations and insights tied to organizational and clinical objectives.

Our experience at Cisco is that healthcare institutions can capitalize key principles around Cisco Full-Stack Observability for succeeding in the digital-first world. A shift away from siloed monitoring and reacting to performance and security problems into a proactive stance where potential issues can be identified and addressed before they become problems changes the game entirely.

The Cisco Full-Stack Observability portfolio includes infrastructure monitoring, application performance monitoring, business performance management, digital experience monitoring, application security, application optimization and logs, with business context. Cisco Observability Platform brings together Cisco observability capabilities on a common platform with a unified data model and allows extensibility by third parties.

Collectively, these solutions allow healthcare organizations to improve interactions with patients and ecosystem partners, control costs, streamline operations, and better manage the regulatory landscape. They empower delivery of the best patient care experiences and increase staff productivity by helping technologists provide secure, real-time access to patient data via performant, always-available clinical and operational systems.

Improving the end-user digital experience

For organizations under pressure to increase access to healthcare outcomes and patient engagement, secure and reliable digital experiences are crucial. Telehealth, RPM options, and secure access to personal healthcare information are now baseline expectations.

When the applications that enable these interactions don’t function reliably, lives may be at stake. Cisco Full-Stack Observability provides a user-centric view that bolsters digital-first healthcare delivery and patient engagement by providing better visibility into back-end systems that support them.

Cisco Full-Stack Observability capabilities include digital experience monitoring (DEM) and application dependency monitoring for both hybrid and cloud-native applications. This gives healthcare IT teams actionable insights into digital experiences that can help them to ensure performant, secure applications and underlying infrastructure.

These capabilities also enhance visibility into existing clinical systems and the applications that touch the digital front door through which patients access records, schedule appointments, receive virtual care, and manage payments. Conversely, contact centers can scale services and support high call volumes while understanding how issues with the network and connected applications impact the user experience.

Digital Experience Monitoring (DEM) allows technologists to dig even deeper by correlating application performance data with network metrics and intelligence to reveal anything that impacts the user experience. For example, if a bug is causing a potential lag in a scheduling app or slowing clinical point-of-care (POC) documentation devices, that could create needless frustration for patients and lower quality of care.

Cisco Full-Stack Observability solutions pinpoint the issue and help healthcare IT teams address it before the end-user even notices there is a problem. This helps patients get the care they need faster and more efficiently, and in the longer term means providers can build trust, support workflow portability, and cut down on the approximately 25-50% of nursing time spent on documentation.

Application dependency monitoring combines real-time application dependency mapping with network data, extending visibility even further to include connectivity. The intrinsic dependencies of healthcare applications means that a single failure can have a cascading effect on the entire service offering and digital experience. For example, many healthcare provider websites are enabled by an array of APIs that can be accessed over HTTP web services. Similarly, REST API-based microservices could enable billing applications to file claims with insurance carriers.

Most clinical applications use some form of SQL database. With SQL, healthcare providers can retrieve patient information, track treatment plans, and monitor patient outcomes. SQL also plays a critical role in medical research, clinical trials, and healthcare analytics.

Common SQL database management software (DBMS) systems in healthcare are Microsoft SQL Server, Oracle RDBMS, and MySQL. It is also common for healthcare applications to also use IBM Informix, IBMDB2, Improvado, Altibase, or document databases like MongoDB, Amazon Aurora, and others. Application dependency mapping, powered by Cisco Full-Stack Observability, can help identify these types of common dependencies.

In addition, Cisco Full-Stack Observability application monitoring capabilities reduce risk associated with insecure or unreliable data exchange and processing with end-to-end visibility of integrated systems and data sources.

Delivered with institutional context that guides teams to prioritize issues in order of their actual and potential impact on the organization, these unique capabilities allow technologists to understand their infrastructure stack, dependencies and potential bottlenecks in ways that were not previously possible.

Institutional context in healthcare IT security

Applications that allow access to electronic medical records, medical management systems, imaging, biomedical information, material management, patient accounting, admitting information, and online claims submissions are becoming commonplace in both traditional and mobile scenarios. Today, healthcare systems can merge these tools into one hybrid infrastructure to more effectively communicate and collaborate, reduce errors, and improve patient care and efficiency. This results in lower care costs.

However, as healthcare providers adopt new technologies, they also face new security threats. Insecure applications, disaffected employees, and human error present real dangers to healthcare systems. According to Forrester Research, healthcare is the only industry to hold a “dubious triumvirate” as the most attacked industry, the highest average cost of a data breach, and the slowest incident response time.

The challenge for security teams faced with a deluge of seemingly high-priority alerts is to determine where they should focus their attention. Cisco Secure Application, a Cisco Full-Stack Observability capability, provides business risk observability for hybrid applications. Business risk observability prioritizes security issues based on potential impact on institutional imperatives.

Teams can identify risks in hybrid applications and drill down on those that have higher risk scores. Cisco uniquely provides this score, which combines application observability and overall institutional impact data with security and threat intelligence feeds from Cisco security products. The real-time risk score prioritizes what needs to be fixed first.

For example, a vulnerability assessed as difficult to target might typically be treated as low priority, however if successful exploitation could result in exposure of personally identifiable information (PII) and protected health information (PHI), the risk it poses to the organization’s reputation, finances and future is significant.

Cisco Secure Application aggregates information by looking into internet access, data storage usage, third-party vulnerabilities, runtime behavior, and use of insecure external APIs. Context is provided around identified security issues including analyses of activities that show upward risk trends. It then offers prioritized real-time remediation steps to accelerate response and address key risk factors.

Cisco Secure Application also provides application security with business risk observability for cloud native applications. This includes multi-node healthcare monitoring solutions, cloud-based AI-driven video analytics, clinical decision support systems (CDSS), health information exchange (HIE) systems, telemedicine platforms, and even drug discovery tools. Cisco Secure Application provides context around vulnerabilities, traces workflow performance, and reveals infrastructure and associated data risk.

Prioritized remediation steps help cloud-focused application teams speed up their response to address key risk factors. This includes the ability to locate, highlight, and correlate security issues across application entities, such as Kubernetes pods, making it possible to look deeply into the security issues that elevate risk scores.

Securing the entire application continuum

The introduction of Data Security Posture Management (DSPM) Observability capabilities to Cisco’s business risk observability solution delivers real-time and automated data discovery, classification, policy definition and compliance visibility for sensitive data, in addition to visualizing and prioritizing the attack surface.

For example, healthcare organizations must maintain compliance with data security and privacy mandates including HIPAA, HITECH, and GDPR. Periodic audits are required to ensure sensitive data is accessed in conformity with regulations, and failure to do so can accrue significant penalties as high as $16 million. DSPM Observability simplifies regulatory compliance by automating the enforcement of data security controls and providing real-time insights into potential vulnerabilities.

DSPM Observability also extends data security across the application continuum, offering management controls to restrict unauthorized access to sensitive data and it allows healthcare providers to maintain compliant auditing processes to track, monitor, and manage access, usage, and sharing across systems. Moreover, it allows for consistent, granular policy implementation and enables a detailed auditing trail of data access.

Access governance capabilities are key as patient engagement has exploded with digital conveniences like online patient portals, electronic pharmacy options, telemedicine consultations, fast check-in, and web appointment systems. The infrastructure behind the applications that support these digital experiences includes customer single-sign-on, medical history, billing information, and treatment details.

Automating CI/CD pipelines for software delivery management allow DevOps and DevSecOps teams at healthcare organizations to offer better features, faster – and to stay on top of the patient engagement wave. At the same time, research by Enterprise Strategy Group revealed that nearly half of developers surveyed admit to being regularly pressured into releasing code they know contains vulnerabilities, to meet deadlines.

The combination of Cisco Full-Stack Observability solutions and Cisco Cloud Application Security offers a powerful approach for securing and optimizing applications while maintaining business context. Unlike point solutions, Cisco Cloud Application Security brings together multiple feature sets to help software development teams achieve better visibility, better risk prioritization, reduced costs, and improved efficiency at any stage of cloud maturity.

Cisco Cloud Application Security uses an agentless approach to enable comprehensive visualization of the entire cloud stack. It also provides advanced attack path capabilities to help teams understand how an attacker may leverage multiple risks, including vulnerabilities, misconfigurations, and overly permissive roles. Finally, it offers step-by-step instructions and specific command lines to remediate threats detected in the application environment.

Optimize application infrastructure and rationalize applications

Financial and human resource constraints are rife throughout the healthcare industry. The rapid pace of digitization has created inefficiencies of its own, and healthcare organizations need help leveraging technology to reduce costs and improve productivity.

Just as developers have been under pressure to deliver code in tight timeframes, IT teams have been required to spin up cloud resources at short notice to support application launches, with little visibility into expenditure.

Cisco Observability Platform is an extensible software platform that hosts an ecosystem of modules, plug-in like extensions that enrich the functionality of observability solutions powered by Cisco Full-Stack Observability. It empowers Cisco development partners to build observability solutions for their own unique contexts.

For example, frequently cloud resources are under or over-allocated, resulting in performance bottlenecks on the one hand, and sunk expenses on the other. Both scenarios deliver poor outcomes. Delays in patient care resulting from system failures during patient intake, appointments or hospital stays can be reduced by ensuring critical applications have the right resources allocated to them to function optimally.

Cost and Workload Profiler module identifies areas where cloud resources are being underutilized or are running close to the red line and therefore pose a risk to performance. Cost Insights module allows direct comparison of allocated costs versus utilized costs at an application level. Application Resource Optimizer module proactively recommends changes to resource allocation for on-premises and cloud-based workloads to allow efficient performance.

Collectively, these optimization modules allow IT and FinOps functions to bypass countless hours of manual analysis and testing, using machine learning to assess optimal allocation and providing direction on ideal configurations.

Additionally, application dependency monitoring can be combined with application resource optimization capabilities, allowing healthcare organizations to assess existing infrastructure and application performance to meet goals aligned with the HIMSS INFRAM model. This helps improve cross-domain collaboration between siloed teams, minimize overlapping applications, and eliminate shelfware by cataloguing applications and their dependencies.

Cisco Full-Stack Observability improves healthcare outcomes

Effective observability demands real-time availability of all relevant telemetry data. A common complaint revealed in the IDC Market Perspective Getting Data Collection Volume Right Is the Top Observability Challenge is the inability to capture the right amount of observability data. Nearly half of organizations surveyed admit they’re collecting too much. Worse yet, they are collecting a mean 30% of their observability data in duplicate as siloed teams gather data for their own purposes.

This can leave healthcare organizations drowning in the data that holds the key to application performance and security issues, with no effective means of accessing it. The problem is compounded by disparate monitoring tools that are unable to correlate data in a meaningful way.

Cisco stands alone in its ability to help healthcare organizations reap the churn of the massive flows of telemetry data that come from their application estate. Cisco Full-Stack Observability gives them access to all relevant telemetry data, including data from the network, which other solutions often omit altogether.

In this respect, solutions powered by Cisco Observability Platform naturally right-size data collection by eliminating the need for duplication, correlating data, and providing institutional context that points to which issues are most likely to be performance- or security-impacting.

It’s a fundamentally different and vastly more powerful approach. Healthcare IT teams now have an end-to-end view of the entire digital experience from the application itself, its on-premises and cloud-based infrastructure and compute dependencies, and out to the user device through the network.

That gives technologists a broader understanding of the “full” application stack while bringing cross-domain IT teams together at the same table as administrators, clinicians, and specialists in healthcare provider organizations to ensure digital experiences are aligned to strategic priorities and ultimately successful patient outcomes.

See how Cisco is shaping the future of healthcare

Learn more about Cisco solutions at

Cisco at HIMSS 2024

March 11-15, 2024 | Orlando, Florida | Booth 3961 – Cisco


Joe Byrne

CTO Advisor

Cisco AppDynamics