HIPAA Cloud Solutions?

Join Our Mailing List 

On New-Wave Technology

Carol S. Miller

By Carol Miller RN MBA

To help hospitals and health systems comply with Health Insurance Portability and Accountability Act regulations, best practices are emerging for securing all electronic communication – cloud, wireless, and texting – of protected health information.

These new technologies will continually be evolving with hospitals, providers and patients move to new means of communication.  Below is a description of one.

Cloud Solutions

Cloud solutions are becoming a needed commodity in treating patients today but also present a risk to privacy and security violation.  Despite the advantages of cloud computing, organizations are often hesitant to use it because of concerns about security and compliance.

Specifically, they fear potential unauthorized access to patient data and the accompanying liability and reputation damage resulting from the need to report HIPAA breaches. While these concerns are understandable, a review of data on HIPAA breaches published by the HHS shows that these concerns are misplaced.

In fact, by using a cloud-based service with an appropriate security and compliance infrastructure, a facility can significantly reduce its compliance risk.

***

cloud-tech-1

***

Business-Associate Agreements

Because HIPAA compliance involves stringent privacy and security protections for electronic health information (PHI), many cloud providers are balking at signing new Business-Associate agreements.

Assessment

Most cloud-technology providers, such as Box and Dropbox, do not include the built-in privacy protections that guarantee HIPAA compliance. Because many cloud storage companies store plaintext data on their servers, PHI is especially vulnerable to breaches and compliance violations. 

Conclusion

Your thoughts and comments on this ME-P are appreciated. Feel free to review our top-left column, and top-right sidebar materials, links, URLs and related websites, too. Then, subscribe to the ME-P. It is fast, free and secure.

Speaker: If you need a moderator or speaker for an upcoming event, Dr. David E. Marcinko; MBA – Publisher-in-Chief of the Medical Executive-Post – is available for seminar or speaking engagements. Contact: MarcinkoAdvisors@msn.com

OUR OTHER PRINT BOOKS AND RELATED INFORMATION SOURCES:

Risk Management, Liability Insurance, and Asset Protection Strategies for Doctors and Advisors: Best Practices from Leading Consultants and Certified Medical Planners™

***

Update on HIPAA Cloud Solutions for Hospitals and Health Systems

Join Our Mailing List 

New-Wave Technology and PHI

Carol S. Miller

[By Carol Miller RN MBA]

To help hospitals and health systems comply with Health Insurance Portability and Accountability Act regulations, best practices are emerging for securing all electronic cloud communication of protected health information.

These new technologies will continually be evolving with hospitals, providers and patients move to new means of communication.

Cloud Solutions

Cloud solutions are becoming a needed commodity in treating patients today but also present a risk to privacy and security violation. Despite the advantages of cloud computing, organizations are often hesitant to use it because of concerns about security and compliance.

Specifically, they fear potential unauthorized access to patient data and the accompanying liability and reputation damage resulting from the need to report HIPAA breaches. While these concerns are understandable, a review of data on HIPAA breaches published by the HHS shows that these concerns are misplaced.

In fact, by using a cloud-based service with an appropriate security and compliance infrastructure, a facility can significantly reduce its compliance risk.

***

d1052a30277425_561bf03a44905

***

But, because HIPAA compliance involves stringent privacy and security protections for electronic protected health information (PHI), many cloud providers are balking at signing new Business-Associate Agreements.

Most cloud-technology providers, such as Box and Dropbox, do not include the built-in privacy protections that guarantee HIPAA compliance. Because many cloud storage companies store plain-text data on their servers, PHI is especially vulnerable to breaches and compliance violations.

HIPAA Not Aging Well

HIPAA was written nearly 20 years ago, before cloud health applications were even envisioned. Because of this, some areas of the law make it hard to determine which applications must be HIPAA- compliant and which are exempt.  Considering the numerous ways security breaches can occur with a cloud solution, it is no wonder that HHS is very leery about how PHI is handled on server farms in the cloud.

Assessment

Regardless of the storage modality – it is important to take all the steps possible to comply with HIPAA guidelines.

Conclusion

Your thoughts and comments on this ME-P are appreciated. Feel free to review our top-left column, and top-right sidebar materials, links, URLs and related websites, too. Then, subscribe to the ME-P. It is fast, free and secure.

Speaker: If you need a moderator or speaker for an upcoming event, Dr. David E. Marcinko; MBA – Publisher-in-Chief of the Medical Executive-Post – is available for seminar or speaking engagements. Contact: MarcinkoAdvisors@msn.com

OUR OTHER PRINT BOOKS AND RELATED INFORMATION SOURCES:

 

Risk Management, Liability Insurance, and Asset Protection Strategies for Doctors and Advisors: Best Practices from Leading Consultants and Certified Medical Planners™ Risk Management, Liability Insurance, and Asset Protection Strategies for Doctors and Advisors: Best Practices from Leading Consultants and Certified Medical Planners™

***

Emerging New-Wave Cloud Technology for HIPAA

Join Our Mailing List

Securing Electronic Communication in the Cloud

[By Carol S. Miller BSN MBA PMP]

Carol S. MillerTo help hospitals and health systems comply with burdens of the Health Insurance Portability and Accountability Act [HIPAA] regulations, best practices are emerging for securing all electronic communication – cloud, wireless, and texting –  of protected health information.

These new technologies will continually be evolving with hospitals, providers and patients move to new means of communication.

And so, below is a very brief description of one: cloud solutions.

Cloud Solutions

Cloud solutions are becoming a needed commodity in treating patients today but also present a risk to privacy and security violation.  Despite the advantages of cloud computing, organizations are often hesitant to use it because of concerns about security and compliance.

Specifically, they fear potential unauthorized access to patient data and the accompanying liability and reputation damage resulting from the need to report HIPAA breaches. While these concerns are understandable, a review of data on HIPAA breaches published by the HHS shows that these concerns are misplaced.

In fact, by using a cloud-based service with an appropriate security and compliance infrastructure, a facility can significantly reduce its compliance risk.

***

USB drive

[A.I. and the “SINGULARITY”]*

***

Because HIPAA compliance involves stringent privacy and security protections for electronic protected health information (PHI), many cloud providers are balking at signing new Business-Associate agreements.

Most cloud-technology providers, such as Box and Dropbox, do not include the built-in privacy protections that guarantee HIPAA compliance. Because many cloud storage companies store plaintext data on their servers, PHI is especially vulnerable to breaches and compliance violations.

Note:

The SINGULARITY is that hypothetical moment in time when Artificial Intelligence [AI] will have progressed to the point of a greater-than-human intelligence.

Channel Surfing the ME-P

Have you visited our other topic channels? Established to facilitate idea exchange and link our community together, the value of these topics is dependent upon your input. Please take a minute to visit. And, to prevent that annoying spam, we ask that you register. It is fast, free and secure.

ABOUT THE AUTHOR

  • Carol S. Miller; BSN, MBA, PMP
  • ACT IAC Executive Committee Vice Chair at-Large
  • HIMSS NCA Board Member
  • President – Miller Consulting Group
  • 7344 Hooking Road
  • McLean, VA 22101
  • Phone: 703-407-4704
  • Fax: 703-790-3257
  • email: millerconsultgroup@gmail.com

Conclusion

Your thoughts and comments on this ME-P are appreciated. Feel free to review our top-left column, and top-right sidebar materials, links, URLs and related websites, too. Then, subscribe to the ME-P. It is fast, free and secure.

Speaker: If you need a moderator or speaker for an upcoming event, Dr. David E. Marcinko; MBA – Publisher-in-Chief of the Medical Executive-Post – is available for seminar or speaking engagements. Contact: MarcinkoAdvisors@msn.com

OUR OTHER PRINT BOOKS AND RELATED INFORMATION SOURCES:

Product Details

%d bloggers like this: