07-11-13 | Blog Post
Many cloud computing infrastructure as a service (IaaS) providers may provide log monitoring, antivirus, web application firewalls, SSLs, dedicated SANs and more for healthcare organizations, but often the missing ingredient lies in one key technical aspect: encryption.
Encryption for healthcare organizations that need to meet HIPAA compliance is important for a few reasons:
So with these considerations in mind about the importance of encryption for HIPAA compliance, what should you look for in a HIPAA compliant cloud solution and provider?
When it comes to a service contract with your HIPAA cloud provider, make sure you address who holds encryption keys and the conditions under which they’re allowed to use it. If never, make sure to clearly state as such in the contract – data governance is important for establishing health data security.
A HIPAA compliant cloud can offer the security and scalability you need in order to grow with your organization, but it’s important to ensure encryption is part of the entire package.
For a complete guide to HIPAA technical, administrative and physical security, read our HIPAA Compliant Hosting white paper. This white paper explores the impact of HITECH and HIPAA on data centers. It includes a description of a HIPAA compliant data center IT architecture, contractual requirements, benefits and risks of data center outsourcing, and vendor selection criteria.
Related Articles:
HIPAA Encryption: First Steps to Identifying and Securing Health Data
According to DetroitNews.com, personal information of 49,000 individuals – including that of names, SSNs, DOB, cancer screening test results and dates of completion – were accessed by hackers recently. The data resided in a password-protected area of the Michigan Cancer … Continue reading →
Encryption at the Software Level: ‘It’s Not Always Cut-and-Dry’
Encryption is a hot topic at Online Tech during the month of June, and we hope we’ve offered some valuable insight into the complex topic through our ongoing series of free educational webinars. The latest was presented by guest co-host … Continue reading →
Encrypting Data to Meet HIPAA Compliance
To address the question of whether or not to use data encryption when it comes to meeting HIPAA compliance and keeping patient health information (PHI) protected, let’s revisit the Health Insurance Portability and Accountability Act of 1996 (HIPAA): … Continue reading →
References:
Health Plans, the Cloud and HIPAA Privacy and Security