HIPAA Compliant Cloud Hosting

While HIPAA law is broad, at its core is the Security Rule, the full name for which is the Security Standards for the Protection of Electronic Protected Health Information. The Security Rule applies the rights that are conveyed by the Privacy Rule – i.e., the Standards for Privacy of Individually Identifiable Health Information – within digital environments. In order to achieve this aim, the Security Rule requires administrative, physical, and technical safeguards. These three categories of defenses are critical to ensuring HIPAA-compliant file transfer. Specific elements of these types of Security Rule protections include these ten key healthcare file transfer considerations:

Read More

Organizations migrating to a new IT environment, such as the Cloud, should always give serious consideration to the security of that environment. But how secure is the Cloud? If you don’t know exactly what piece of hardware your private data is found on at a given time, how do you know it is secure?

For those relatively new to Cloud, the first thing to be aware of is that while some of the tools and methods used to secure a network and data in the Cloud are different, the basic principles are the same as for any other environment. The next thing to know is that because the Cloud runs in data centers staffed by experts in Cloud services, data stored in the Cloud is “probably more secure than conventionally stored data,” according to Quentin Hardy, former Deputy Technology Editor of the New York Times[i].

Read More

Did you know that more than 113 million people were affected by a HIPAA compliance breach in 2015? That’s an increase of 107 million from just five years ago.

Every day, an average of 17,000 patient records are compromised.

The Health Insurance Portability and Accountability Act of 1996 (i.e., HIPAA) was enacted to keep people’s personal health information, including medical records and billing information, secure. The rules and regulations are not only notoriously complicated and easy to misunderstand, but they also frequently change. However, feigning ignorance won’t work in your favor.

Read More

When designing and implementing IT systems, choosing where to store your business-critical healthcare data is an important decision. There are typically three storage design concepts used in enterprise-grade storage solutions: onsite storage, offsite storage, and hybrid storage. Each approach has its own advantages and disadvantages, so it’s essential to choose a design concept that applies to your requirements. Below, we will explain each approach and its pros and cons.

Read More

Many organizations’ IT departments fight a constant battle to satisfy the increasing demand for allocating storage pools to computers, servers, virtual appliances, and file servers. For such organizations, IT professionals must fulfill ever-expanding requirements for disk storage to support IT infrastructures.

Read More

Every organization that handles the electronic protected health information (ePHI) of US citizens must be concerned with federal healthcare compliance: that is, abiding by the parameters established in the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH). A central element of HIPAA federal law is the Security Rule, which mandates implementation of appropriate cybersecurity measures to protect digital health records.

Read More

While counseling and coaching services may seem to fall outside of the realm of traditional healthcare, they often fall squarely in the realm of mental health and are therefore subject to HIPAA requirements. Knowing whether these services fall under HIPAA regulations can be tricky, and it’s important to understand your responsibilities in protecting patient health information (PHI).

Below, we explore HIPAA compliance requirements for mental health services, such as coaching and counseling, and how you can ensure compliance.

Read More

File sharing is crucial to the ability to leverage the cloud and to safeguard files while controlling and sharing them. It also makes it possible for your personnel to be able to get to their files wherever they are.

For healthcare organizations looking to adopt a file sharing service, the most important consideration is to select a service that prioritizes the security that is necessary to deliver HIPAA compliance. Two of the prominent file sharing options for general storage are Microsoft OneDrive for Business and Google Drive. However, when using a third party to file sharing for your healthcare organization, it means that you are placing trust in a business associate to protect highly confidential and sensitive patient data – you need to be able to maintain HIPAA compliance.

Read More

A HIPAA compliant client portal must secure patient information – which is why a custom HIPAA compliant portal can be an especially delicate prospect. Below, we explore a recent request our sales team received for such a portal, and how to go about meeting the requirements for a HIPAA compliant client portal.

Read More