By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
Health Works CollectiveHealth Works CollectiveHealth Works Collective
  • Health
    • Mental Health
  • Policy and Law
    • Global Healthcare
    • Medical Ethics
  • Medical Innovations
  • News
  • Wellness
  • Tech
Search
© 2023 HealthWorks Collective. All Rights Reserved.
Reading: The Impact of HITECH & HIPAA on Data Centers
Share
Notification Show More
Font ResizerAa
Health Works CollectiveHealth Works Collective
Font ResizerAa
Search
Follow US
  • About
  • Contact
  • Privacy
© 2023 HealthWorks Collective. All Rights Reserved.
Health Works Collective > Uncategorized > The Impact of HITECH & HIPAA on Data Centers
Uncategorized

The Impact of HITECH & HIPAA on Data Centers

onlinetech
onlinetech
Share
0 Min Read
HIPAA Compliant Data Centers White Paper
SHARE

HIPAA Compliant Data Centers White PaperOur HIPAA hosting and HIPAA compliant data center white paper provides a description of a HIPAA Compliant Data Centers White PaperOur HIPAA hosting and HIPAA compliant data center white paper provides a description of a HIPAA compliant data center IT architecture, contractual requirements, benefits and risks of data center outsourcing, and vendor selection criteria. Section 2.0 discusses the impact of HITECH and HIPAA on data centers:

Protecting the confidentiality, integrity, and availability of electronic protected health information (ePHI) is the essence of the HIPAA Security Rule1. Since data centers typically store, transmit, or process ePHI, they must comply with the HITECH standards and citations to meet HIPAA compliance. The same risk analysis, administrative safeguards, physical safeguards, technical safeguards, and ongoing due diligence apply just as much in the data center as in a provider’s facility.

While there is some debate about the responsibilities of business associates for the protection of ePHI, all indications point toward business associates being held as responsible as covered entities. Consider the latest notice of proposed rulemaking that speaks to the extension of responsibilities from covered entities to business associates:

As with the Privacy Rule, the Security Rule requires covered entities to have contracts or other arrangements in place with their business associates that provide satisfactory assurances that the business associates will appropriately safeguard the electronic protected health information they receive, create, maintain, or transmit on behalf of the covered entities.

Moreover, both covered entities and business associates should bear in mind that prosecution by the Office of Civil Rights (OCR) under HITECH is not the only legal concern. The last year has witnessed an increase in state and consumer lawsuits against both covered entities and business associates. In January 2012, Minnesota Attorney General filed a lawsuit against Accretive Health, for failing to protect the confidentiality of over 23,000 patient healthcare records.

More Read

Video:Insights from the Industry: The Biggest Challenges HIM Departments are Facing
The Importance of Patient Engagement in a Successful HIE
Where are the Women CEOs in Health IT?
Diagnosing Patient Dissatisfaction: 5 Top Causes
PCI Report on Compliance

HIPAA Compliant Data Centers White Paper

The safest and most diligent practice to protect ePHI is to ensure that the same policies, risk management, safeguards, and ongoing compliance governance standards are followed no matter where ePHI resides. This means that data centers, whether in-house or outsourced, need to fully embrace complete responsibility for ePHI.

In the areas of administrative safeguards, such as ongoing HIPAA awareness and training for all employees, healthcare providers tend to be stronger. In the areas of technical safeguards and PHI availability, professional data center companies that invest extensively in redundant facility infrastructure and security may be the safer bet.

Ideally, either a healthcare provider would have infinite resources to build and maintain multiple, high-availability data centers or a data center hosting business associate would have a thorough understanding of HIPAA compliance including a HIPAA security risk analysis and management, policies, training of all employees, and ongoing HIPAA compliance audits. While both ideals exist, they are in the minority.

In these cases, the weighing of the pros and cons falls back to the risk analysis and management to choose the best option that will maintain ePHI confidentiality, integrity, and availability.

HIPAA White Paper Download

Read more in our free HIPAA Compliant Data Centers white paper – download it today!

References:
HIPAA Security Series: Basics of Risk Analysis and Risk Management (PDF)
U.S. Dept. of Health and Human Services, Federal Register Part II
Attorney General Swanson Sues Accretive Health for Patient Privacy Violations

TAGGED:HIPAA compliance
Share This Article
Facebook Copy Link Print
Share

Stay Connected

1.5kFollowersLike
4.5kFollowersFollow
2.8kFollowersPin
136kSubscribersSubscribe

Latest News

a woman walking on the hallway
6 Easy Healthcare Ways to Sit Less and Move More Every Day
Health
September 9, 2025
Clinical Expertise
Healthcare at a Crossroads: Why Leadership Matters More Than Ever
Global Healthcare
September 9, 2025
travel nurse in north carolina
Balancing Speed and Scope: Choosing the Nursing Degree That Fits Your Goals
Nursing
September 1, 2025
intimacy
How to Keep Intimacy Comfortable as You Age
Relationship and Lifestyle Senior Care
September 1, 2025

You Might also Like

can AI protect healthcare workers
Uncategorized

3 Essential Steps To Avoid Contracting COVID-19

June 11, 2020
Uncategorized

What Are the Most Common Nutrient Deficiencies?

March 30, 2022
eHealthMedical RecordsUncategorized

How HIPAA Applies to Medical Marijuana Businesses and Patients

July 8, 2020
soy supplements from Herbalife get great reviews
Uncategorized

The Benefits and Drawbacks of Popular Natural Health Supplements

October 28, 2021
Subscribe
Subscribe to our newsletter to get our newest articles instantly!
Follow US
© 2008-2025 HealthWorks Collective. All Rights Reserved.
  • About
  • Contact
  • Privacy
Welcome Back!

Sign in to your account

Username or Email Address
Password

Lost your password?