For years, The healthcare industry has been thinking about the very last sector to embrace cloud computing. With HIPAA compliance, storing private patient data is a security and legal standpoint from far too much risk. However, with a government-issued mandate to migrate patient data to electronic heath records in 2015, the cloud of cost-effectiveness is simply too logical for independent practitioners and small healthcare entities to now be burdened by technology and tech-savvy. personnel. If only there was a way around the security and privacy concerns. 

Wish granted. In January of 2013, the U.S. The Department of Health and Human Services provides a few revisions to the regulations under the Health Insurance Portability and Accountability Act of 1996. Labeled the “Final Omnibus Rule,” Providers. 

With a signed Business Associate (BA) agreement, a cloud service provider accepts the responsibility to protect HIPAA law under patient data. This expanded definition of BA means that the government can now penalize cloud service providers for accountable data breaches.  

Although many healthcare organizations already have some cloud service providers entrusted with their data, only the HIPAA covered entity (the healthcare organization) was penalized for a breach prior to this. While the HIPAA covered entity is still responsible for oversight, this shared accountability of the cloud service provider has expanded responsibility and led to an influx of healthcare organizations and cloud service providers working together, worry-free, in perfect harmony. 

If you have questions related to this topic or IT issues in general, please feel free to contact us using the information provided below:

Telephone: (408) 400-0232