The Health Insurance Portability & Accountability Act (HIPAA) sets standards for protecting sensitive patient data in the cloud. Any company that deals with PHI (protected health information) needs to ensure that all of the required network, physical, and process safety measures are properly followed. If you want to learn more about the requirements of HIPAA, click here to learn more.
This includes CEs (covered entities), meaning anyone who provides treatment, operations, and payment in health care, and BAs (business associates), meaning anyone with access to patient information stored in the cloud or who provides support in payment, operations, or treatment. Subcontractors and associates of associates need to be in compliance too.
The HIPAA Privacy Rule helped address the saving, sharing, and accessing of individuals' personal and medical data stored in the cloud, while the Security Rule more specifically outlines national security standards to help protect health data that is received, maintained, transmitted, or created electronically, also known as e-PHI (electronic protected health information).
If you're hosting data with HIPAA compliant hosting providers, they need to have particular administrative, technical, and physical safeguards in place as per the US HHS (Department of Health & Human Services). The technical and physical safeguards which are the most important for services provided by hosts are listed below:
A supplemental act passed in 2009, known as the HITECH (Health Information Technology for Economic & Clinical Health) Act, supported the enforcement of all of the HIPAA requirements by increasing the penalties imposed on organizations that violated the HIPAA privacy or security rules. The HITECH Act was created in response to the development of health technology and the increased storage, transmission, and use of electronic health information.
HIPAA has driven a number of healthcare providers to search for solutions that can help them secure cloud data. Medical information is very private, and regulation keeps getting tighter, which means enforcement is also getting tighter. A number of healthcare providers have chosen to move their whole EHRs onto a HIPAA-compliant platform such as FileCloud in order to reduce their expenses and become more interoperable across various other devices in a safe, HIPAA-compliant fashion.
Author: Rahul Sharma
images courtesy: freedigitalphotos.net/ Stuart Miles