Moving applications and data over to the cloud has its advantages, but deciding to make the move also presents several risks, especially concerning compliance.
How can an enterprise ensure its cloud service provider is compliant with the Health Insurance Portability and Accountability Act (HIPAA)? Is it considered a business associate as defined by the HIPAA Privacy Rule? Is the provider devoted to maintaining compliance? This HIPAA cloud computing guide is composed of a variety of tips that offer advice on how to ensure cloud computing compliance.
cloud computing: Are cloud providers HIPAA business associates?
Whether the HIPAA business associate designation applies to cloud providers is a complex issue. Deciding if your cloud provider is a HIPAA business associate comes down to a judgment call based on the type of cloud usage.
In this tip, security expert Ed Moyle discuses how an enterprise can determine if its cloud service provider is compliant with HIPAA regulations, and considered to be a business associate as defined by the HIPAA Privacy Rule.
and cloud computing: Ensuring compliance in health care
Migrating to the cloud in the health care industry can have extensive benefits – such as extensively reducing the size of an on-site data center -- but the move obviously needs to be done in a way that ensures the safety of patient information as well as the organization’s HIPAA compliance status.
In this tip from Ed Moyle, health care providers will learn how to migrate sensitive information and patient data to a cloud computing environment and why they must plan any health care cloud migration carefully in order to protect patient safety and maintain HIPAA compliance.
More on compliance in the cloud
In this tip, learn five strategies for ensuring compliance and establishing contracts with cloud computing service providers.
In this podcast, learn more about cloud computing compliance and how to help customers ensure they are staying compliant with regulations and standards.
Discover why using the cloud to make a HIPAA-compliant backup can help meet backup and disaster recovery requirements.
compliance with HIPAA security requirements in the cloud
Ensuring the security of patient data – more specifically protected health information (PHI) covered under the HIPAA Security Rule – is a constant area of concern and No. 1 priority for health care providers.
Fortunately, there are steps you can take to comply with HIPAA security requirements even after PHI has already been migrated to a public cloud provider. Here, health care providers and security professionals will get advice on and best practices for achieving and maintaining compliance with HIPAA security requirements in the cloud.
computing pros and cons for regulated data
Is your enterprise considering migrating regulated data to the cloud? In this video, security expert Richard E. Mackey Jr. explains both the advantages and disadvantages – including the compliance complications associated with moving to the public cloud and how to evaluate cloud providers -- of outsourcing regulated data.
in the cloud: HIPAA business associate agreement key to cloud migration
Even though many companies are eager to shift applications and IT operations over to the cloud in order to save money and improve efficiency, making the move – especially for a health care corporation – can introduce serious compliance concerns.
In this article, discover how wound therapy provider GWR Medical Inc. ensures its cloud providers are devoted to and compliant with HIPAA regulations by requiring service providers to commit to a HIPAA business associate agreement.
This was first published in March 2012