Atlantic.Net Blog

Do I Need to Be HIPAA Compliant?

Editorial Team
by Atlantic.Net (212 posts) under HIPAA Compliant Hosting
  • Who Needs to Be Compliant?
  • The Role of the Healthcare Clearinghouse
  • Interviewing Business Associates
  • Making Strong HIPAA Choices

Who Needs to Be Compliant?

You need to be compliant with the Health Insurance Portability and Accountability Act if you are a covered entity or business associate. Business associates are a catch-all group that includes any company performing a service for covered entities that exposes it to protected health information (electronic health records or other data). Covered entities include health care providers, health care plans, and health care clearinghouses.

HIPAA Health Care Provider Definition

A HIPAA health care provider is any organization or individual that provides health care services and processes PHI in digital form. Examples include doctors, chiropractors, and pharmacies.

Health Care Plan Definition

A health care plan is a program set up for a person or business (such as an employer) that pays health care expenses. Examples include health insurance firms and Medicare.

Health Care Clearinghouse Definition

What is a healthcare clearinghouse? These are companies that convert nonstandard health data into standard health data or vice versa.

A healthcare clearinghouse can be “a public or private entity, including a billing service, repricing company, community health management information system or community health information system, and ‘value-added’ networks and switches,” explained Ohio law firm Bricker & Eckler LLP.

If you are unsure whether or not you fit one of those definitions, you can complete this short Q & A from the federal government.

The Role of the Healthcare Clearinghouse

People are often unfamiliar with that third category, the clearinghouse. It essentially serves as a “middleman” that sends claim data from a provider (such as a clinic) to a payer (such as an insurance company). One of the primary activities conducted by health care clearinghouses is claims scrubbing, which checks for any possible mistakes and makes sure the claim is formatted properly for reading by the payer’s system.

“The clearinghouse also checks to make sure that the procedural and diagnosis codes being submitted are valid and that each procedure code is appropriate for the diagnosis code submitted with it,” said For Dummies. “The claim scrubbing edit helps prevent time-consuming processing errors.”

Interviewing Business Associates

The first business associates are actually getting audited in 2015. Your choice of a business associate should now focus even more on credibility, since HITECH essentially means broader responsibility: your tech partners and others can now receive penalties as well.

Here are a number of questions we were asked recently by a company that was thinking about switching to our HIPAA server hosting environment.

Healthcare client:

What is your business continuity plan for HIPAA?

HIPAA hosting specialist:

Please see our business continuity plan attached.

Healthcare client:

What is your backup plan for HIPAA?

HIPAA hosting specialist:

We provide Fully Managed Daily Encrypted Backup for all of the files and databases on separate Encrypted Storage Nodes. Other information is listed in the attached.

Healthcare client:

Is there any difference between regular data centers and HIPAA-compliant data centers? Please tell me why it is different.

HIPAA hosting specialist:

A HIPAA compliant Data Center has been audited for HIPAA and HITECH compliance.

Healthcare client:

What is your emergency plan? Do your technicians stand by 24/7?

HIPAA hosting specialist:

We operate a 24 X 7 X 365 Live Engineering support environment.

Healthcare client:

What is your plan to prevent data leakage? Like USB leakage (Both data center & our office).

HIPAA hosting specialist:

The documents I have attached cover this question. We are not involved in the customer’s HIPAA compliance in their office environment. This requires that the customer contract with a HIPAA consultant.

Healthcare client:

According to your website, you are HIPAA compliant, but is there any proof of evidence? (certification/audit)

HIPAA hosting specialist:

The documents I have attached include HIPAA certification.

Healthcare client:

As far as my understanding, virtual server hosting has some problems with HIPAA’s security rules. Is it safe to put our data into a virtual server?

HIPAA hosting specialist:

We will not issue a BAA based on the use of a Public Cloud / private cloud hosting environment (including our own). That does not mean that you cannot create a Private Virtualized environment by using Private Dedicated Server Hardware containing multiple private cloud servers.

Healthcare client:

What is the price for HIPAA compliant Windows Cloud Hosting? (access from only one location)

HIPAA hosting specialist:

With 1 TB of Self-Encrypted Storage it is $xxx per month on a 12-month agreement with no setup fee.

Making Strong HIPAA Choices

HIPAA audits are on the rise, with the DHHS reportedly ready to crack down on any violations. Violations and settlements aren’t just expensive and distracting. They can also be a publicity nightmare, since any data compromises affecting 500 people or more must be reported to a major media outlet.

Whatever your technical requirements, Atlantic.Net offers the industry-leading HIPAA Compliant hosting solution, audited by a fully qualified and independent third party among many other service options to support healthcare hosting. We also offer HIPAA compliant website hosting.

By Moazzam Adnan
