Necessity of HIPPA-Compliance for storing Healthcare Data
In an era where healthcare operators are fast falling behind if they aren’t on the internet, taking shortcuts for protected health information (PHI) becomes commonplace. While standard web hosting servers are capable of storing and serving healthcare data, they are incapable of providing services complying with the Health Insurance Portability and Accountability Act (HIPAA), or even providing a platform for a skilled developer to build HIPPA-compliant services and applications. The fundamental requirements of HIPPA compliance include transport and storage encryption, authorization, backups, and data integrity and disposal. HIPPA non-compliance should not be taken lightly, as it could lead to large fines, or, in extreme cases, imprisonment.
Check out: Top Healthcare Compliance Companies
HIPPA-compliant hosting providers provide a foundation to build HIPPA-compliant services. HIPPA’s authorization requirement stipulates that only authorized people can access PHI—this is done through audited access controls. The data thus remains protected from people not having permission from inside the data center or over the network.
Healthcare data storage must be done carefully to ensure that it is not altered or tampered with. The easiest way to prevent data tampering is by encryption—this, however, is not a service that most web hosts provide easily. Ensuring whole-disk encryption is not only safer but also reduces complexity—it should become a standard part of HIPPA-compliant hosting plans.
Companies that process or store PHI information need to either build a HIPPA-compliant hosting platform or use the services of a third-party vendor providing the same. The second is the preferred option because only an experienced hosting provider can provide a trustworthy HIPPA business associate agreement.
While HIPPA-compliant hosting appears similar to standard web hosting, building a reliable platform empowering healthcare professionals in building HIPPA-compliant services requires effort.
By Pete V. Sattler, VP-IT & CIO, International Flavors &...
By Benjamin Beberness, CIO, Snohomish County PUD
By Gary Watkins, CIO of IT Shared Services, KAR Auction...
By Tonya Jackson, VP Global Supply Chain, Lexmark
By Chad Lindbloom, CIO, C.H. Robinson
By Ryan Fay, CIO, ACI Specialty Benefits
By Kris Holla, VP& CSO, Nortek, Inc.
By Shawn Wiora, CIO & CISO, Creative Solutions In Healthcare
By Michael Alcock, Director-CIO Executive Programs &...
By Jeff Bauserman, VP-Information Systems & Technology,...
By Wes Wright, CTO, Sutter Health
By Peter Ambs, CIO, City of Albuquerque
By Mark Ziemianski, VP of Business Analytics, Children's...
By Jonathan Alboum, CIO, The United States Department of...
By Ryan Billings, MS, MBA, Executive Director, Digital...
By Christina Clark, Managing Principal, Cresa
By Evan Abrams, Associate, Steptoe & Johnson LLP
By Holly Baumgart, Vice President-Information Technology,...
By Melissa Douros, Director of Digital Product Management,...
By Andrew Palmer, SVP & Chief Information Officer, U.S....