The amount of money spent on IT by the healthcare industry is little short of astonishing. It's not just CAT scanners and MRI machines, and all the usual business-type productivity software, though.

For a start, most of the information created in hospitals and clinics today is digital, so that means health is a major consumer of storage hardware and software - and because digital records could otherwise be accessed too easily, it also requires security.

It was storage volumes that prompted the data production and management division of the NHS to supplement its tape library with a Quantum DXi3500 disk-based storage and de-duplication system earlier this year, says Steve Mackey, the vendor's UK sales director.

He reports that the device is delivering a compression ratio of 10:1 - and because that means less data to write to tape, it also means the NHS can carry on using a tape library that would otherwise simply be too slow for its current needs.

"The NHS was initially reluctant to consider non-tape solutions for data storage due to cost but, having installed the DXi3500 and seen its benefits over a matter of weeks, it's delighted with the results," adds Damon Robertson, sales director at Coolspirit, the VAR which sold it the Quantum box.

Data management is another growing need, and one that archiving suppliers such as Hitachi Data Systems are eagerly looking to exploit. HDS recently tied up a deal with software developer Carestream Health to put the latter's Versatile Intelligent Patient Archive (VIParchive) software onto its new Hitachi Content Archive Platform.

VIParchive can take clinical information from multiple sources and consolidate it into an archive. The challenge is providing fast access to the information, which can include digital images as well as text and the like, while still meeting regulatory and compliance needs.

In particular, healthcare archives have to deliver automated policy management to ensure content authenticity, retention, and integrity while also supporting advanced discovery capabilities through integrated indexing, search and retrieval features, says Carestream's president, Michael Jackman.

"The growth in storage is faster in healthcare than any other vertical market, yet the infrastructure maturity in these organisations is believed to be some three to five years behind the industry average," adds HDS COO Jack Domme. "The data access and performance challenges can directly impact the quality of patient care."

At the same time, not only must data be readily and quickly accessible, but it must be secure - two factors which all too often are mutually exclusive. Strong authentication provides the latter, but can be clumsy to use, especially if users must log into multiple disparate systems using different authentication schemes and passwords.

The solution, according to security specialists such as Imprivata, is single sign-on (SSO) technology combined with strong authentication. Imprivata's OneSign device uses tokens such as smartcards, and once a user has authenticated to OneSign it automatically logs them into the system they're authorised to access.

Imprivata recently signed twelve NHS Trusts as customers for SSO to both locally-provided and National Programme for IT (NPfIT) applications. Their systems are using the NHS smartcard as the strong authentication factor, bypassing the need to manage multiple long lists of passwords for different systems.

The OneSign system is in use at Addenbrooke's Hospital, the Royal Free Hampstead NHS Trust, Lewisham Primary Care Trust, and at Nottingham University Hospitals, where 16 applications have been enabled for SSO and seven more are being deployed later this year.

"We chose OneSign due to the password issues that we were having," says Ben Halliday, the head of technical support and delivery at Nottingham University Hospitals. "Its integration with the NHS smartcard means that we can control access to our local applications, improve security for employees and remove the burden of password reset calls from the helpdesk."

He adds that this should all free up resources to be spent on better patient care instead - and after all, whether you're using technology to improve security, storage or regulatory compliance, that is ultimately what it's all about, isn't it?