Atlantic.Net Blog

Consequences of HIPAA: How HIPAA Affects Business Opportunities and the Economy

Sam Guiliano
by Atlantic.Net (86 posts) under HIPAA Compliant Hosting


The healthcare industry is growing fast, and so is the sector that specializes in Health Insurance Portability and Accountability Act compliance, a.k.a. HIPAA compliance. This form of compliance is critical for healthcare plans, providers, and clearinghouses: it allows the US Department of Health & Human Services to know businesses are safeguarding patient information. Specifically, HHS verifies that businesses closely interacting with protected health information (PHI) safeguard it in the manner described by the Privacy Rule and Security Rule of the law’s Title II.

One obvious aspect of the field is HIPAA Compliant Hosting and colocation, the direct supply of technological services to healthcare businesses, so that the IT infrastructure is sufficiently protected and free from liability concerns. However, the HIPAA compliance market – which represents growth opportunities for enterprises new and old – is more diverse than it may first appear.

This article will look at three additional aspects of the HIPAA compliance arena, preceded by a Real World Scenario (RWS) and an explanation of one term that is used. Our RWS series highlights interactions between our hosting consultants and potential clients, to provide readers with specific situations and requests related to compliance IT.

HIPAA compliant physical therapy app

Client: I am in the process of developing an app for physical therapy. It will include 300+ videos, email between therapist and client within the app, and client data tracking. Here is a list of requirements for the server:

  1. Dedicated server
  2. Linux OS
  3. Apache HTTP Server
  4. PHP installed
  5. MySQL database installed
  6. Control Panel.

Please let me know how you can help me.

[Consultant provides Client with Proposal and Business Associate Agreement (BAA).]

What’s a business associate agreement?

A business associate agreement, or BAA, is a contract signed between a healthcare organization and a third party, the latter of which is supplying a solution for the organization that will involve patient data. In this arrangement, the healthcare firm is considered a covered entity by HIPAA, and the external party handling data on their behalf is considered a business associate.

HIPAA compliance field subcategory – content creation

One aspect of HIPAA compliance that is developing rapidly alongside the healthcare industry is marketing. Companies that perform marketing services for HIPAA compliance organizations – such as hosting companies like ours – generate marketing collateral, such as articles and videos, to showcase expertise.

In the age of “quality original content,” marketing companies are not the only organizations involved in production of collateral. Freelance writers are hired directly in some cases, as are illustrators and graphic artists. Video production companies can specialize in the production of HIPAA compliance pieces as well.

HIPAA compliance field subcategory – software development

Marketers are not the only professionals looking to take advantage of healthcare opportunities. Software developers can also create applications that abide by the parameters of the act. One example is the physical therapy application described above.

Web applications can serve multiple purposes: they can be used by the business internally or to enhance engagement between the business and patients (as with the above app). In some cases they are designed specifically as mobile applications, especially when patients are the primary users.

HIPAA compliance field subcategory – consulting

Consultants are also useful to covered entities at times. These specialists have a narrow focus on the specific needs organizations have related to the law. Possible aspects of business for which a consultant can provide guidance include the following:

  • risk analysis/vulnerability assessments
  • project management
  • contingency planning
  • establishment of a compliance officer with general management responsibility for any business components related to HIPAA.

A consultant can review a healthcare facility’s policies and procedures, along with its technological architecture, to determine if anything needs to be updated or reorganized. This consultation process is used by some companies to cut HIPAA compliant server costs and general compliance costs: consultants provide information that can then be used by the company to conduct an audit itself.

HIPAA compliance field subcategory – auditing

Organizations also can perform complete audits of companies to determine if they are 100% compliant. These audits can be useful both to covered entities and business associates. Covered entities are able to determine any elements of the business that might be problematic, while business associates can use an audit both to make any corrections and to establish a third-party verification so clients can trust their system.

Companies that perform audits should be experts on HIPAA generally, but they should especially have a strong understanding of the Security Rule. The three elements of the Security Rule that are of special concern are the following:

  • Risk Management Standard
  • Audit Controls Standard
  • Evaluation Standard.

Finding specialists that deserve your business

Atlantic.Net has been offering compliant healthcare hosting solutions for half a decade, based on technological experience established throughout our 20-year history. Our HIPAA hosting service page provides a roadmap to the extensive HIPAA information we have available through our site.
