Key to HIPAA compliance is understanding your data center and cloud risks

Regarding HIPAA compliance, understanding "risks in your own data center," said David Pollard of Connectria Hosting, "is key to understanding your risks in the cloud." Pollard, Regional Director at Connectria, says that he still encounters executives who believe that hiring a "HIPAA cloud provider somehow mitigates their own needs for compliance." HIPAA is the Federal Health Insurance Portability and Accountability Act of 1996.

 

Healthcare organizations to need dig deep into their cloud service agreements and also perform a HIPAA assessment to know "where your vulnerabilities lie, allowing you to find a provider that will help you cover your gaps," explained Pollard. Nor can HIPAA cloud providers in the current threat environment say they "have a HIPAA Compliant solution and only provide the minimum infrastructure."…