By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
Health Works CollectiveHealth Works CollectiveHealth Works Collective
  • Health
    • Mental Health
  • Policy and Law
    • Global Healthcare
    • Medical Ethics
  • Medical Innovations
  • News
  • Wellness
  • Tech
Search
© 2023 HealthWorks Collective. All Rights Reserved.
Reading: Get Compliant or Get Out of the Game: HIPAA’s No Joke
Share
Notification Show More
Font ResizerAa
Health Works CollectiveHealth Works Collective
Font ResizerAa
Search
Follow US
  • About
  • Contact
  • Privacy
© 2023 HealthWorks Collective. All Rights Reserved.
Health Works Collective > eHealth > Medical Records > Get Compliant or Get Out of the Game: HIPAA’s No Joke
eHealthMedical RecordsPolicy & LawTechnology

Get Compliant or Get Out of the Game: HIPAA’s No Joke

onlinetech
onlinetech
Share
4 Min Read
HIPAA Cloud Hosting
SHARE

HIPAA Cloud HostingAttention hosting companies currently supporting healthcare clients: get compliant or get out of the game.

HIPAA Cloud HostingAttention hosting companies currently supporting healthcare clients: get compliant or get out of the game. For those still unaware, cloud hosting and other IT vendors involved with the storage or transmission of healthcare data must meet HIPAA compliance by…two days ago (September 23). So, by the end of the year, at least, for all you laggers. Here’s what happens if you are not compliant, and still continue to serve healthcare clients:

  • You may be subject to an audit conducted by the federal government;
  • You could pay some major fines;
  • You could lose a lot of business;
  • And if you suffer a data breach (of unencrypted data affecting 500 people or more), you will definitely be subject to all of the above.

And for covered entities (healthcare organizations that deal with protected health information (PHI)), if you’re hosting your data and/or applications with a non-compliant business associate (hosting provider), then you can also be held liable in the event of a data breach. Switch to an audited and compliant HIPAA hosting provider, and you’ll be in the safe zone (note: your organization also needs to maintain compliance; your IT vendor does not make you compliant by proxy).

Cloud vendors can’t really afford to take the risk of supporting healthcare clients without first ensuring they’re operating fully in compliance with HIPAA. And HIPAA is a lot more than just technical security – the standards also require administrative and physical security safeguards. A few examples include:

More Read

Creating Infographics Can Help Increase Your Hospital’s Credibility
HHS Secretary to Create Transparency Mechanisms to Address Medical Billing Costs
Helping Your Aging Parents Plan For Their Financial Future
Did We Learn the Secret to Fixing Healthcare in Kindergarten?
Informal Influence in Healthcare: #NPSFLLI7

Administrative Security

  • Annual audits and reports indicate that business associates are maintaining ongoing compliance, not just a point-in-time
  • Documented policies and procedures should reflect protocol in the event of a data breach, including notification time
  • Staff training is specific to business associates and hosting providers on how to handle ePHI (electronic protected health information)

Physical Security

  • Limited and authorized personnel access to locked servers
  • Dual factor authentication for building access (we use biometrics; fingerprint ID + badges)
  • Environmental controls include logged surveillance cameras, 24×7 monitoring and multiple alarm systems

Technical Security

  • Encryption of data in transit and at rest requires VPNs, SSL, two-factor authentication and hardware-based storage encryption
  • Daily log review tracks user activity and analyses them to identify any potential issues and patterns
  • Vulnerability scanning checks for outdated versions of software, web apps that aren’t securely coded, and misconfigured networks

And so much more! The point is, HIPAA compliance is a little more complex as it involves assessing unique organizational structures to ensure there are no security gaps, as well as ongoing maintenance for complete data protection. And if you’re currently using a non-compliant hosting provider to host patient data, you’d better find a new one that is compliant…like yesterday.

TAGGED:dataHIPAAPrivacy
Share This Article
Facebook Copy Link Print
Share

Stay Connected

1.5KFollowersLike
4.5KFollowersFollow
2.8KFollowersPin
136KSubscribersSubscribe

Latest News

a person putting a bandage on a woman s head
The Long-Term Health Consequences of Untreated Personal Injuries
Health care
July 17, 2026
medicare mistakes seniors usually make
The Hidden Healthcare Costs Seniors Should Plan For
Global Healthcare Senior Care
July 15, 2026
The Complex Reality of Medication Management During Recovery
The Complex Reality of Medication Management During Recovery
Addiction Recovery
July 15, 2026
exercise benefits
How Exercise Shapes The Teenage Body And Mind
Infographics
July 12, 2026

You Might also Like

health care advice
Medical EducationPolicy & LawTechnology

Skate to Where Health Care Is Going, Not to Where It Has Been

August 4, 2013
White Coat Designs
BusinesseHealthSocial Media

Physician Liaison Programs – Critical to Practice Growth

July 2, 2015
HIMSS Virtual Conference Education Center
eHealth

HIMSS Virtual Conference: Pursuing Healthcare Transformation Through IT

June 7, 2012
Coke Joins Obesity
Public Health

Coke and Obesity- a Weight Loss Surgeon’s Perspective

January 17, 2013
Subscribe
Subscribe to our newsletter to get our newest articles instantly!
Follow US
© 2008-2026 HealthWorks Collective. All Rights Reserved.
  • About
  • Contact
  • Privacy
Welcome Back!

Sign in to your account

Username or Email Address
Password

Lost your password?