Many cloud computing infrastructure as a service (IaaS) providers may provide log monitoring, antivirus, web application firewalls, SSLs, dedicated SANs and more for healthcare organizations, but often the missing ingredient lies in one key technical aspect: encryption.
Encryption for healthcare organizations that need to meet HIPAA compliance is important for a few reasons:
So with these considerations in mind about the importance of encryption for HIPAA compliance, what should you look for in a HIPAA compliant cloud solution and provider?
When it comes to a service contract with your HIPAA cloud provider, make sure you address who holds encryption keys and the conditions under which they’re allowed to use it. If never, make sure to clearly state as such in the contract – data governance is important for establishing health data security.
A HIPAA compliant cloud can offer the security and scalability you need in order to grow with your organization, but it’s important to ensure encryption is part of the entire package.
For a complete guide to HIPAA technical, administrative and physical security, read our HIPAA Compliant Hosting white paper. This white paper explores the impact of HITECH and HIPAA on data centers. It includes a description of a HIPAA compliant data center IT architecture, contractual requirements, benefits and risks of data center outsourcing, and vendor selection criteria.
HIPAA Encryption: First Steps to Identifying and Securing Health Data
According to DetroitNews.com, personal information of 49,000 individuals – including that of names, SSNs, DOB, cancer screening test results and dates of completion – were accessed by hackers recently. The data resided in a password-protected area of the Michigan Cancer … Continue reading →
Encryption at the Software Level: ‘It’s Not Always Cut-and-Dry’
Encryption is a hot topic at Online Tech during the month of June, and we hope we’ve offered some valuable insight into the complex topic through our ongoing series of free educational webinars. The latest was presented by guest co-host … Continue reading →
Encrypting Data to Meet HIPAA Compliance
To address the question of whether or not to use data encryption when it comes to meeting HIPAA compliance and keeping patient health information (PHI) protected, let’s revisit the Health Insurance Portability and Accountability Act of 1996 (HIPAA): … Continue reading →
Otava provides the secure, compliant hybrid cloud solutions demanded by service providers, channel partners and enterprise clients in compliance-sensitive industries. By actively aggregating best-of-breed cloud companies and investing in people, tools, and processes, Otava’s global footprint continues to expand. The company provides its customers in highly regulated disciplines with a clear path to transformation through its effective solutions and broad portfolio of hybrid cloud, data protection, disaster recovery, security and colocation services, all championed by an exceptional support team. Learn more at www.otava.com.