HIPAA Compliant Data Center

Montréal-Based Company Seeks HIPAA Compliant Hosting Solution with BAA

This article explores HIPAA compliance as follows:

  • Must Canadian Firms Comply?
  • 2015 Prediction from OCR Attorney
  • Conversation with Montréal Company
  • Finding Worry-Free Partners

Must Canadian Firms Comply?

Many healthcare businesses operating in the United States are actually based in other countries, and there is often confusion about the extent to which those companies must meet HIPAA law. There are no exceptions: any business that processes, stores, or transfers protected health information (PHI) must follow the privacy, security, and breach notification rules described in Title II of the Health Insurance Portability and Accountability Act of 1996, regardless where they are headquartered.

Read More






$1.4 Million Walgreens Love Triangle

High-Profile Healthcare Lawsuit Sets Disturbing Precedent for HIPAA Compliance

This piece argues for independently audited self-encrypting HIPAA storage as a service for healthcare companies. We review it within the broad enforcement and liability context, proceeding as follows:

  • Data Privacy Monitor: Surge of fines expected this year
  • Indianapolis Star: $1.4 million Walgreens love triangle
  • Analysis: Case places further pressure on the industry
  • Defense: Walgreens perspective & vicarious liability
  • In it together: Business associates post-Omnibus

Read More



HIPAA Final Rule, Disaster Recovery & Business Associate Shared Liability

Every healthcare organization knows about the importance of the Health Insurance Portability and Accountability Act of 1996. That law has of course been updated over time. The most recent change has been the HIPAA Omnibus Final Rule, which went into effect September 2013.

Read More


HIPAA Compliance for Hospitals & ASP’s: Avoid the Wall of Shame & Stay Within Budget

The current enforcement landscape

“Knowing what’s in the pipeline, I suspect that that number will be low compared to what’s coming up.” – Department of Health & Human Services OCR Counsel Jerome B. Meites, referring to the $10 million collected in HIPAA settlements from June 2013 to June 2014

Read More


Compliance Climate & On-Demand HIPAA Real World Scenario

Introduction – rising pressure

The pressure on healthcare providers, plans, and clearinghouses is mounting. Data Privacy Monitor reported in June 2014 that HHS (Health and Human Services) enforcement was expected to increase, per a comment made by a legal official at a local meeting of the American Bar Association held in Chicago.

Read More


Stay Connected With Us