News Feature | November 14, 2014

New Options To Stay HIPAA Compliant With The Cloud

By Megan Williams, contributing writer

GE To Resell Caradigm IAM Solution

Answering your clients’ needs in responsible ways means that no one can ignore the benefits that cloud computing can bring to the healthcare space. With all the benefits of flexibility, location independence, and cost-savings that cloud computing carries with it, the risks that it poses to the industry can’t be understated, especially when you consider the sheer number of regulatory violations that can occur.

Thankfully, with advancements in the sector, staying HIPAA compliant while reaping the benefits of cloud computing is very much possible.

Data Collaboration

Sharing files outside of the healthcare space is simple, especially with the proliferation of services like Dropbox and Google Drive. Within healthcare’s boundaries though, HIPAA compliance can become a huge challenge, especially for business associates like VARs and other IT solutions providers. Citrix has introduced a new and helpful offering to the field. Citrix has signed a business associate agreement and launched the Citrix And ShareFile Cloud For Healthcare, allowing organizations to interact with data in a HIPAA-approved space.

Public Healthcare Cloud

Amazon has also stepped into the “safe” healthcare cloud space with its Amazon AWS service. It provides a HIPAA-compliant hosting environment for healthcare organizations and allows covered entities (and business associates) to leverage the AWS environment in ways that do not jeopardize their status. Amazon has even released a white paper (“Creating Healthcare Data Applications To Promote HIPAA And HITECH Compliance”) to any organizations interested in the service.

In their own words, “AWS provides a reliable, scalable, and inexpensive computing platform ‘in the cloud’ that can support health care customers’ applications in a manner consistent with HIPAA and HITECH. This platform is built on the same robust technology that Amazon.com uses to run its global web properties. Amazon EC2 offers a flexible computing environment with root access to virtual machines and the ability to scale computing resources up or down depending on demand. Amazon S3 offers a simple, reliable storage infrastructure for data, images, and back-ups. These services change the way organizations deploy, manage, and access computing resources by utilizing simple API calls and pay-as-you-use pricing.”

Private Clouds

For clients that may not be interested in public cloud options, much advancement is being made in the private cloud arena. You can house multiple clients within your own data center with network, storage, and data abstraction options. Any information that is bound by HIPAA policies can be segmented into separate nodes on a network.

Beyond that, data abstraction will give complete control of the data flow regardless of the backend physical architecture. You will likely be looking at solutions by companies like Citrix and VMware in implementing private cloud solutions.

To read more on your options on balancing the benefits of the cloud with HIPAA compliance, please visit Health IT Security.