We sat down with Tobias Deml, Head of Cloud Engineering, Oracle Germany, to learn more about the central role of Oracle Cloud Infrastructure (OCI) within the Oracle solutions portfolio.
Tobias Deml, Head of Cloud Engineering, Oracle Germany
Oracle Cerner: Hello Tobias, nice to meet you. The topics of cloud and infrastructure solutions regularly lead to passionate discussions about advantages and risks. Before we delve deeper into the topic, why don't you tell us a bit about yourself and your tasks at Oracle?
Tobias Deml: With pleasure. Today, I’m pleased to present Oracle's portfolio focused on cloud technology and to show possible solutions with which German hospitals can establish and expand a secure and futureproof infrastructure.
About me: I live and work in Munich. Before joining Oracle, I worked in consulting and the focus of my work was to support customers in regulated industries—such as banking, insurance, or law—on the topic of the cloud. Today, I develop architectures for the highest requirements with my team. We’re responsible for designing the interface between our customers and ecosystem. Not only do we deliver concepts, but we also support our customers as partners throughout the entire lifecycle of the platforms. This end-to-end support is very complex, both in technical and regulatory terms.
Today we’re talking about Oracle Cloud Infrastructure (OCI). Can you please briefly describe what OCI means and the role it plays in Oracle's portfolio?
OCI plays a central role in the Oracle portfolio. There are various ecosystems in our portfolio, from software and applications to infrastructure. By OCI, we mean certain infrastructure or platform services, which are part of the OCI ecosystem.
OCI offers several deployment models to meet different needs and regulatory requirements. We distinguish between public cloud models, which are operated out of Oracle's cloud regions, and dedicated cloud offerings, which are deployed in the customer's data center.
- Commercial public cloud: Includes access to OCI cloud services from 41 global regions in 22 countries worldwide, and growing. In 10 countries and across the EU, OCI has two or more cloud regions that enable availability in the event of a disaster, without data leaving the borders of these territories.
- European Union Sovereign Cloud: Specifically for highly regulated or sensitive industries, the recently announced EU Sovereign Cloud will also soon be available in Europe. Here we’re creating a separate ecosystem alongside our public cloud to help our customers meet additional compliance regulations from the various countries within the EU.
- This is a cloud for customers or partners who require additional isolation in dedicated cloud regions.
With OCI, we haven’t developed a cloud platform for specific application areas but have created a uniform basis that can meet the framework conditions of both commercial and regulated customers—including the healthcare sector. In addition to the public cloud and dedicated cloud, there are also mixed scenarios (hybrid cloud) or multicloud, which means an overarching connection with other companies’ cloud platforms, such as Microsoft (Azure). Importantly, we’ve developed our ecosystem with a strong open-source approach and a focus on interoperability because multicloud, in particular, is very important in our OCI ecosystem.
Healthcare involves very sensitive data that requires a high level of protection. Oracle hasn’t only been in healthcare for a long time, but also in other data-sensitive industries. Can you share more about Oracle’s experience?
Oracle has long been a trusted partner in solving the most complex challenges for the world’s most essential—and often, highly regulated—industries.
In the European context, we already have many instances. For example, we work with healthcare data in the financial industry (Deutsche Bank) and the insurance industry (Allianz). In the healthcare industry in particular, we have a strong reference in the form of a project implemented jointly by Bayer, Oracle, and Accenture, in which we work with research and patient data to comply with all regulatory and data protection requirements. Together, we operate a comprehensive research architecture on the OCI platform.
As far as the regulatory focus of data-sensitive industries, we’re in active exchange with various regulatory authorities—not just during the definition of the architecture or in the sales process, but during the design of new solutions, services, and products. One example of this is the aforementioned EU Oracle Sovereign Cloud, where the contractual and technical-regulatory requirements were taken into account during development. Here, we support the customer not only from a technological point of view, but also in the application and implementation of regulatory requirements (for example, in documentation preparation for corresponding authorities). For us, this is a central component of our portfolio and an extension of our offerings as a technology provider. We not only provide the ecosystem, but also support our customers beyond it.
Oracle Cerner customer data is very sensitive. How do you lessen their fear of the cloud? Are there any special certifications that Oracle holds?
For us, it’s very important to create trust: trust in the technology, on the one hand, and trust in us as a provider and partner on the other. The technological, “hard” argument is that as an ecosystem provider, we offer the reliable technological framework. One example of this is that any data stored in our ecosystem is always encrypted, as a matter of principle, which means we can alleviate many concerns about data protection.
If we have to fulfill certifications as an ecosystem provider, we can demonstrate these basic concepts. We’re in very close contact with the German Federal Office for Information Security (BSI) and can demonstrate basic certifications, such as the BSI C5. In fact, we recently signed a cooperation agreement with the BSI to "enable the agencies of the federal administration to retrieve and use certain Oracle products and services. This should also include Oracle Cloud products and services. Close cooperation is required so that the provision of the retrievable products and services can also meet the IT security requirements of the BSI."
Back to certifications. In the healthcare industry, there are special procedures, such as the United States Health Insurance Portability and Accountability Act (HIPAA) certification. Our offerings help customers comply with HIPAA. We’re also agile in helping our customers meet country or region-specific regulatory requirements and certifications in each case. We walk with clients through the regulatory certification process, actively reaching out to regulators along the way. Our catalog of certifications achieved is thus constantly growing. As I said, we want to solve the big challenges to further strengthen trust in the OCI ecosystem.
Now, not all clouds are the same and there are use cases where cloud solutions are not yet used. What solutions does Oracle offer, ranging from on-premises to the public cloud?
I’m confident we have the right solution for almost every use case. But to answer the question, there are indeed use cases, such as in logistics, which are rather less predestined for the cloud. There are also special cases, such as in the area of national security, which are well-suited to the cloud, but not to the normal cloud. There are solutions for this use case, as well, such as the dedicated cloud. In addition, there are of course customized or hybrid solutions, as previously mentioned.
These are just a few examples. Which solution, which scenario—from on-premises to public cloud—is the right one for the individual customer? This is exactly what my team and I, together with our colleagues from Oracle Cerner, discuss with our customers.
What are the advantages of Oracle’s acquisition of Cerner, from your point of view, and what are exciting topics in the near future?
Cerner brings a great deal of healthcare expertise and technology to Oracle, as well as customers that we look forward to continuing to work with and support. Oracle contributes the platform, certifications, and accreditations with regulatory agencies through OCI. We can now offer our customers additional solutions purpose-built for the healthcare industry.
Oracle brings a lot of experience—especially in the regulatory environment—and an ecosystem focused on meeting high requirements with built-in security mechanisms. Now add to that the knowledge of various applications in healthcare, such as the electronic health record (EHR). From now on, solution expertise meets architecture expertise. This combination offers customers a very secure, comprehensive, and forward-looking environment—from the infrastructure to the solution for users.
We’re at the beginning of a common path and will learn which requirements and improvements will be necessary in the future. At the same time, with OCI, Oracle Cerner customers now have access to an additional technology they may have been missing until now, and which we can now offer to complement the existing health IT portfolio—all from a single source.
Thank you very much for the exciting conversation and insights, Tobias.