2 weeks ago, I had the opportunity to attend HIMSS13 with INetU in New Orleans, LA. This was our 4th year attending HIMSS (Healthcare Information and Management Systems Society) and the Cloud was more prominent than ever. In addition to increased Cloud awareness, ICD-10, the most recent code sets used to report medical diagnoses and inpatient procedures was a heavily covered topic along with Mobile Health. We noticed a lot more people than previous years asking about security and HIPAA (Health Insurance Portability and Accountability Act) in regards to the cloud.
So, How can Protected Health Information be safe on the cloud?
HIPAA and HITECH (Health Information Technology for Economic and Clinical Health ) include several technical and policy requirements that healthcare providers and their business partners who handle PHI (Protected Health Information) must follow to be considered HIPAA-compliant. Storing PHI on the cloud might seem unnerving at first—I’m supposed to trust my most business-critical and legally sensitive information to a third-party located who-knows-where? Shouldn’t I keep everything locked up in-house?
You could, but when you think about it, doctors and other healthcare providers specialize in healing, not in firewalls, encryption, or interpreting complex federal regulations. A reputable, experienced HIPAA hosting provider with compliance expertise can handle the technical details of protecting sensitive data, storing and transmitting it securely, and keeping vigilant against threats. That way, healthcare providers can focus on what they do best—taking care of their patients.
Get Your HIPAA Hosting Provider to Put it in writing
According to HIPAA, a business associate is a person or entity that, generally speaking, has contact with PHI. It’s a good idea to get a written Business Associate Agreement (BAA) with any business or organization that you share PHI with.
Even though a HIPAA hosting provider doesn’t typically have direct contact with PHI but rather simply stores it, a formal agreement is still a good idea. You want a HIPAA hosting provider who you can treat as a true partner, especially if any issues or questions should arise later, and a formal agreement can provide that assurance.
Take Action Today
Click here to download our Checklist for Choosing a HIPAA Hosting Provider.
