10-03-13 | Blog Post
A few weeks ago, we attended the HIMSS Privacy & Security Forum in Boston and liveblogged the panel discussion, Managing Security Risks of Health Data in the Cloud. The speakers provided a list of questions to ask in order to manage cloud security risks, as HealthITSecurity.com outlined below. As a HIPAA compliant cloud host, the bolded text is our response to their questions:
Other security precautions to take when it comes to the HIPAA cloud is to ensure that data encryption is an option. Encryption of data at rest can be achieved with built-in, hardware-based and disk-level encryption that encrypts data as it’s being written to drives.
Data in transit is also important to encrypt, as it travels from within tiers in applications and over wireless connections. The use of VPNs (Virtual Private Networks), SSL and two-factor authentication can ensure data is protected along its entire path.
Read our Encryption of Cloud Data white paper that outlines every option and provides a diagram of a defense in depth solution to protect data in every state.
HIPAA Compliant Cloud: Real Companies, Real Solutions
With the final HIPAA omnibus rule officially in place last week, cloud and data center providers supporting the healthcare industry are starting to sign BAAs (business associate agreements) and get familiar with the security requirements of HIPAA. But this means … Continue reading →
Get Compliant or Get Out of the Game: HIPAA’s No Joke
Attention hosting companies currently supporting healthcare clients: get compliant or get out of the game. For those still unaware, cloud hosting and other IT vendors involved with the storage or transmission of healthcare data must meet HIPAA compliance by…two days … Continue reading →
Alleviating Healthcare Cloud Security Concerns
An interesting infographic by WeLiveSecurity.com delivers the latest statistics about health IT security with data from HHS.gov. They found that: Despite 91 percent of healthcare providers using cloud-based services, 47 percent are not confident in the ability to keep data … Continue reading →
Healthcare Cloud Security: Staying Current with BAAs, SLAs