Attn, Healthcare Industry: SAS 70 is No Zombie

onlinetech
Last updated: 2013/09/18 at 8:00 AM
SAS 70 is never coming back. Unlike this zombie. Source: wikiHow

Although SAS 70 (Statement on Auditing Standards) has been dead for quite some time now, we’ve found that those lagging in the health IT industry may still be confused about why SAS 70 is no longer the audit to look for when it comes to ensuring security with a cloud hosting provider. In fact, false information about SAS 70 as a qualifier for cloud computing security supporting the healthcare industry is still an issue.

Some suggest that SAS 70 is comparable to a HIPAA audit because they both check for an organization’s security controls. However, SAS 70 was never designed to measure data center security, but instead to measure internal controls related to financial reporting.

As major research firm Gartner stated, “SAS 70 is being misused by many vendors, and often their customers and certified public accountants (CPAs), in the hosted-application, software as a service (SaaS) and cloud computing spaces.”

So what’s better than SAS 70? Some say SSAE 16 (Statement on Standards for Attestation Engagements), which replaced the standard in 2011. But even an SSAE 16 report only reports on controls related to financial reporting, and not on controls directly related to data center privacy, security and availability.

Here’s where a SOC 2 (Service Organization Control) audit report comes in to save the day and confirm that your service provider has all of the best internal practices in place for these five controls: Security, Availability, Processing Integrity, Confidentiality and Privacy. Why choose a SOC 2 report over SOC 3? A SOC 2 report is more detailed, and applies to companies that host or store large amounts of data, such as cloud hosting and data center operators.

So a SOC 2 report may suffice for most seeking an audit report that most accurately reflects a cloud hosting provider’s internal security controls. But for those in the healthcare industry dealing with patient data, there’s one step even further to ensure security with cloud hosting providers.

Look for a HIPAA compliant hosting provider that has a third-party independent audit report of their company’s controls against the OCR (Office for Civil Rights) HIPAA Audit Protocol. Ask them which requirements they can fulfill to satisfy the IT side of the HIPAA standards.

On the administrative side, ask them if and when they last completed HIPAA staff training as a business associate, and whether or not they will sign a business associate agreement (BAA) clarifying their role and responsibilities when it comes to your data security. This HIPAA Compliant Hosting white paper explains the IT infrastructure and administrative sides completely.

SAS 70 is so dead. And definitely needs to be laid to rest. Don’t let it become an audit zombie. Just let it go and embrace the future of SOC 2 and independent HIPAA audits.

References:
Gartner Says SAS 70 Is Not Proof of Security, Continuity or Privacy Compliance

 
