3 steps to HIPAA security in the cloud

Grazed from GovHealthIT. Author: David Linthicum.

The default response for those charged with HIPAA security is to say ‘no’ to cloud computing. Why? Clouds are not under direct control, they are not typically up on existing and emerging healthcare regulations, and, most importantly, they are new and scary. There is a clear need, however, to rethink the role of cloud computing by those charged with HIPAA security. The efficiencies that can be gained by leveraging public, private, and hybrid clouds are just too compelling.

The trick is to understand the existing requirements, and then understand how the emerging use of cloud computing could provide compliant and secure HIPAA solutions. In many cases, leveraging cloud computing will improve upon the best practices and technology that exist today. Here are three steps to using HIPAA in the cloud:…

Step 1: Understand the details of the requirements.

One of the things that I find most frustrating is dealing with myths versus reality when it comes to HIPAA Security and cloud adoption. The “addressable” requirements of the security rules tend to be the most difficult to meet. Thus, these addressable requirements have a tendency to fall off of the radar, and therefore could create issues with compliance…

Read more from the source @ http://www.govhealthit.com/news/no-fear-3-steps-hipaa-security-cloud