Understanding legacy code in medical software development

By Anna Choma

The term ‘legacy code’ is frequently heard in the world of software development, but its precise definition can be elusive at times. Not to mention the reasons behind this idea. What is it that makes code, legacy code and how to cope with it?

Legacy code and its (not only) technological dependencies

One concept of legacy code might be defined by its reliance on outdated or unsupported technologies and the challenges associated with this aspect. Legacy code frequently becomes ‘legacy’ as a result of historical ties to technologies, languages, or platforms that have evolved or become obsolete over time. This reliance on obsolete elements can present a number of significant challenges, just to mention maintainability issues, reduced performance and efficiency, security concerns or very limited access to new features.

Medical IT has shown remarkable advancements across various domains, including artificial intelligence and machine learning, cloud computing, multi-platform integrations, and more. Nevertheless, legacy systems in healthcare remain a prevalent presence [1]. According to research conducted in 2020 by the Unit 42 team at Palo Alto Networks, outdated and unsupported operating systems power nearly 83% of healthcare IoT devices in the United States [2]. The report shows that more than half of cyberthreats targeting the medical sector revolve around imaging devices, posing a significant risk to patient care disruption. The exposure of sensitive data is a pressing concern, particularly since a staggering 98% of IoT device traffic remains unencrypted.

These numbers prompt us to consider another aspect or even definition of code legacy: security and quality assurance. Michael Feathers’ excellent book ‘Working Effectively with Legacy Code’ [3] defines legacy code precisely as code lacking automated tests, emphasizing the importance of quality assurance, testing in code modernization and bringing existing software applications back under control.

Balancing cost, risk, and reward in old medical code modernization

For many organizations, one of the primary motivations for modernizing legacy code is to unlock organizational potential and seamlessly integrate with existing software rather than undertaking the arduous task of building all required new functionalities from the ground up. Because the reality is that the costs of maintaining legacy systems are significant. These costs include the upkeep of obsolete technology, and of any new development, which is typically more expensive and time-consuming due to the inherent delays.

There are several approaches that can be used to bring your software back up to date.

  • Refactoring. This method makes it easier to improve the structure of the old code. Because of the increased risk of bugs and software crashes, this necessitates a greater commitment to quality assurance testing.
  • Encapsulation. This method facilitates the smooth integration of both legacy and modern system components. It involves the isolation of software modules (such as medical databases for instance), and re-exposing through newer interfaces and functionalities using APIs and other relevant software engineering techniques.
  • Making functional changes to codebases. It refers to the process of altering the behavior or adding new features to existing software applications. This can be a critical aspect of software development, modernization and maintenance.
  • Full System Rewrite. This approach recognizes that the current system may be burdened with technical debt, obsolete technologies, and accumulated issues that are difficult to untangle. The code, architecture, design, and even the database schema are all reconsidered.

Each modernization strategy has advantages and disadvantages, and the strategy chosen is determined by factors such as the system’s current state, budget constraints, timeline, and business goals. However, the question remains: when to consider it?

Approaches that can be used to bring your software back up to date:<br/>
Making functional changes<br/>
to codebases<br/>
4. Full System Rewrite

When to consider modernizing your medical software technology: a checklist

Code modernization is a strategic investment that can have a profound impact on software quality, business operations, and competitiveness in today’s technology-driven world.

1. Compatibility and integration. Is your current software compatible with newer healthcare systems and technologies? Does it seamlessly integrate with other essential healthcare applications and devices?

2. Security and compliance. Are you facing security vulnerabilities due to outdated software? Does your software comply with current medical data privacy regulations, such as HIPAA, MDR or GDPR?

3. Performance and scalability. Is the software experiencing performance issues, leading to delays or inefficiencies?

4. User experience. Are healthcare professionals finding it challenging to use the software efficiently? Is the user interface outdated and in need of a more modern design?

5. Data management. Can your software effectively manage and protect patient data, including electronic health records? Is there a risk of data loss or breaches due to legacy software limitations?

6. Maintenance costs. Are you incurring high maintenance costs to keep the software running? Are these costs becoming unsustainable over time?

7. Innovation and features. Is your software lacking essential features that are now industry-standard? Is it falling behind in terms of innovation AI-adoption or functionality compared to competitors?

Choose the right medical software company to update legacy code

It is important to carefully weigh the risks and benefits before deciding whether to update legacy code. If the risks are too high, it may be better to leave the legacy system as-is or to replace it entirely.

Choosing the right medical software company to update your legacy code is an important decision that can have a significant impact on your business. At Graylight Imaging we can audit your legacy code needs and check how we can deal with it.

Ready to embark on a journey of software modernization? Let’s use the power of innovation to change your software landscape. Contact us today to unlock the potential of your systems.


[1] It’s worth checking out our series of blog posts on artificial intelligence in healthcare to stay abreast of news and perspectives in the field: https://site.graylight-imaging.com/ai-in-healthcare-news-picked-by-gli-05/
[2] https://www.hipaajournal.com/83-of-medical-devices-run-on-outdated-operating-systems/
[3] https://www.amazon.com/Working-Effectively-Legacy-Michael-Feathers/dp/0131177052