As providers of HIPAA compliant hosting infrastructures, we publish as much information as we possibly can to help healthcare companies understand the law and find appropriate solutions, whether with us or another company. Along with describing this information generally on our site, we also publish Real World Scenario articles (such as this one) on our blog, allowing customers to see compliance in example real-life interactions between our representatives and customers.
However, there is also a compelling story in the news – reported by NBC News yesterday – regarding problems related to patient privacy and developing strong plans of action to understand drug abuse. That cultural issue generally relates to the topic of HIPAA and its Privacy Rule, so we will explore it before transcribing a HIPAA private hosting case study.
Police complain about healthcare privacy laws
Police departments are having difficulty targeting drug abuse, particularly that of heroin, because they can’t access overdose data. The heroin epidemic has been escalating for the last ten years, according to police officers at a conference on illegal street drugs that convened on Wednesday, April 16, in the American capital.
The event was an inaugural effort by the Police Executive Research Forum to spread ideas and concerns related to drug abuse prevention. The message that was delivered repeatedly at the event was that OD information has become scarce in the US, with healthcare laws such as HIPAA to blame. One speaker, an active police professional, stated that the only way he could get access to autopsy information was through a subpoena.
The Chief of Police in Philadelphia noted that personal identity was not the concern. What was needed was the general data so that police officers could better understand local trends. Growing concern over drug deaths within the law enforcement community is not misplaced: Center for Disease Control (CDC) data reveals that fatalities related to ODs have more than doubled since the turn of the millennium, with a 102% rise between 1999 and 2010. Heroin and other opioid compounds – such as those in Oxycontin and Oxycodone – have been responsible for many of the deaths.
Representatives of the DC Medical Examiner and the NYPD argued that what was needed was a real-time system to provide health data to police officers nationwide. An application called Compstat, undoubtedly based on a cloud model for speed and affordability, provides data on related crimes to officers, so they can have relevant information immediately and perform investigations much more rapidly and effectively.
Although many officers feel that HIPAA and similar consumer protections are standing in the way of their ability to forecast crime patterns, some officials are adapting their approaches to get access to drug location information indirectly. The police in DC are using GPS technology in combination with naloxone (a common first-responder treatment intended to avoid an overdose) administration location data to determine central OD areas.
Private HIPAA Compliant Solution for Startup
Consultant: Welcome to Atlantic.Net. Please tell us about your hosting needs.
Client: We are working on a healthcare startup and would like to know how much your HIPAA compliant hosting solutions cost.
Consultant: We can build any size of HIPAA compliant platform, but the smallest HIPAA compliant package that we can offer is attached, in the form of a pricing proposal. We have also attached a copy of our Business Associate Agreement (BAA) for your review.
The hosting platform consists of the following components that are required in order to be HIPAA compliant:
- Private Hosting Platform (No shared resources)
- Fully Managed Hardware Firewall with encrypted VPNs
- Fully Managed Intrusion Detection System (IDS)
- Fully Managed Daily Backup
- SSL Certificate.
Please contact us if you have any questions after you review our proposal (below).
PROPOSAL FOR Private HIPAA Hosting Platform
- 12 Month / 24 Month
- Fully Managed Hardware Firewall w/ 5 VPNs
- Intrusion Detection System / Log Management
- Private Hosting Platform
- Windows Standard 2008 R2 64 Bit
- Core I3 – 3220 3.3 Ghz Dual Core w/HT
- 8 GB of RAM (expandable to 32 GB)
- 2 X 500 GB SATA 3 Black RAID 1 – LSI 9240 RAID Card
- Multi-Homed bandwidth
- 10 TB of Monthly Data Transfer
- 100 Mbps Port
- Fully Managed Daily Backup
- SSL Certificate
- 8 IPs (included)
- 100% Uptime SLA
- 24 X 7 X 365 Live Technical Support by Phone or Email.
Client: Great. Thanks for the information. I will share it with my partners and proceed accordingly.
Consultant: Thank you for contacting Atlantic.Net. Please let us know if you have any additional questions.
Viable, cost-effective solutions
Those in the healthcare field may experience HIPAA frustrations, as do those in law enforcement. However, compliance does not have to be stressful or confusing. Work with a hosting provider that has the knowledge you need to assist you without any unforeseen difficulties: Atlantic.Net. With five years of healthcare regulatory experience and twenty years in business, we have the expertise any client demands so that their patients are protected, as is their bottom line.
By Brett Haines