HIPAA Compliant Hosting

Preparedness of the healthcare industry to protect patient data

The newly connected nature of the healthcare industry means patient data can be accessed at any time and anywhere. However, this also means traditional defensive measures that have kept healthcare organizations and patient data protected from hackers until now, have weakened.

Read More

Overwhelmed with HIPAA compliance? You’re not alone. Compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) is important to the covered entities and business associates that are expected by the federal government to follow the law and be HIPAA compliant.

However, the requirements of HIPAA and its regulatory agency, the US Department of Health and Human Services (HHS), are not as rigid as they first may seem. We’ve detailed the broad concepts required to understand HIPAA or HIPAA compliant hosting in this article, which serves as a beginner’s HIPAA Compliance Guide; further below, you will find our HIPAA Compliance Checklist.

Read More

The healthcare industry has been a primary target of data hackers for several years. There are numerous reasons for this. First, the healthcare industry offers a lot of valuable information to successful hackers – social security numbers, names, addresses, Medicaid ID numbers, medical records, health insurance information, and more – can all be scraped from a successful breach. It’s a literal goldmine for hackers.

Read More

Secure file transfer protocol (SFTP), a component of the secure shell (SSH) protocol, is useful in maintaining compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA). SFTP uses encryption and algorithmic hash functions to protect information from unintended viewing or theft, and is considered a best-practice way to securely send files.

Like other standard protocols and technologies that are deployed to maintain HIPAA-compliant security, SFTP is not required specifically by the agency that regulates it, the Department of Health and Human Services. (The HHS regulates the law flexibly, allowing organizations to make their own specific decisions on means.) While you certainly do not have to use SFTP in order to stay compliant, it is a standard and straightforward way to meet the need for secure HIPAA file transfer.

Read More

Streamlining workflow and increasing productivity can be tricky for any business. For companies in heavily-regulated industries like healthcare, it can be downright daunting.

The Health Insurance Portability and Accountability Act (HIPAA), which was enacted in 1996, requires all healthcare providers to meet strict data privacy and security requirements in order to safeguard protected health information (PHI).

Read More

In the Internet age, data is an increasingly valuable asset; data on all aspects of modern life is captured, stored and processed online. Data warehousing and machine learning techniques have enabled business organizations to use this data to learn customer habits and predict future growth. Due to surging recognition in the value of data, it is especially important for individuals, businesses and enterprises to push a security-first agenda, mitigate cybersecurity risks, and protect all business-critical or otherwise sensitive data.

Read More

The laws: HIPAA & HITECH

Healthcare is a tricky field when it comes to development because there is an additional layer of concern beyond what is needed for the typical website: federal compliance. You need to meet the regulations mandated both by HIPAA and by HITECH.

Read More

Important Healthcare Standards

Three critical standards or forms of compliance of concern to healthcare companies are HIPAA (Health Insurance Portability and Accountability Act), HITECH (Health Information Technology for Economic and Clinical Health Act) and SSAE 18 (Statements on Standards for Attestation Engagements No. 18), the update of SSAE 16.

Beyond finding hosting that is compliant with those standards, you also have to figure out the extent to which you want to include cloud in your architecture. How can you become compliant, and how should you approach decisions on cloud and server management?

Read More