05-21-20 | Case Study
The Hospital Quality Institute (HQI) builds reliable and sustainable measures to gauge California’s hospital performance and identifies opportunities for improvement and innovation. HQI’s vision for patient safety and quality serves as a vehicle to harmonize efforts and accomplishments and helps California hospitals lead the nation in high quality, safe and reliable health care. The organization collects and compiles two primary data sets that each require a secure storage environment: hospital quality and patient safety information. HQI then delivers thorough, accurate metrics to California Hospital Association members, enabling them to demonstrate success in enhancing patient safety and improving quality.
In order for HQI’s databases to be in compliance with various federal and state laws, including the national Health Insurance Portability and Accountability Act (HIPAA), the company needed a cloud-based solution that supported its regulatory requirements. The organization explored managing its data in-house but determined that a task of such magnitude was beyond their internal capabilities and out of scope for what the IT department had been built to deliver.
Otava was the first cloud solutions provider in the US to meet HIPAA compliance standards and has passed its independent HIPAA audit with 100 percent compliance against the latest Office of Civil Rights HIPAA Audit protocol every year. With much of its work taking place via remote interfaces, HQI turned to Otava to create and manage the two comprehensive virtual private cloud environments for confidential data. In addition, Otava recommended and implemented firewall protection and Cloud Backup services.
“We sought out a partner that could help us take our data into the cloud to capitalize on its inherent resiliency,” said Steve Pon, project manager at HQI. “I talked to several other cloud solutions providers and ultimately visited an Otava cloud facility in Michigan and was impressed with the engineering, redundancy and failover capabilities. “The personal attention, cost effectiveness and experience working with other compliance-sensitive customers in our industry made the decision an easy one.”
Otava’s HIPAA-compliant certifications provide both cloud solution-level and infrastructure-level safeguards, ensuring the reliability needed to meet HIPAA standards. HQI enjoys significant resource and cost benefits while meeting its availability, integrity and confidentiality needs for electronic protected health information. Ultimately, this helps safeguard the patients, covered entities and business associates HQI serves across California.
“We thought about managing HIPAA-critical information ourselves, but it would have been far more expensive, not to mention outside our area of expertise,” Pon said. “Otava is an expert in this area with a great track record. Implementation was smooth and took less than two weeks. We look forward to the ongoing benefits of these new, secure virtual cloud environments while we maintain our focus on our core business function, which is serving our members.”