HIPAA vs The Cloud

HIPAA vs The Cloud

HIPAA vs The Cloud

27 July 2011 | Chris Witt, WAKE TSI

Cloud computing provides a cost effective service option for the IT needs of healthcare organizations; however, loss of assured end-to-end control of data can create HIPPA compliance issues. Chris Witt, CEO of WAKE Technology Services, serves up his perspective on the tradeoffs

If you are involved in healthcare IT, you know all about HIPAA and the responsibility it puts on the organization to protect patient information. In the early days of HIPAA regulations, there were only general guidelines and required outcomes to help direct IT departments in reaching compliance.

The fact that most organizations maintained a “closed” system – meaning they had their own data center, with very little data being exposed outside of the organization – made compliance relatively simple. Our biggest worry was the tape media being rotated out to our favorite offsite storage facility.

Over time, data center strategies have evolved to include collocation and managed services. While this has added some complexity to HIPAA compliance, you still know exactly where your data resides and have a good idea of who could potentially access it from the third-party provider. Now cloud computing has been added to the mix of service options. This creates some interesting HIPAA compliance challenges because absolute end-to-end control of the data is no longer assured.READ MORE