Top 5 Healthcare Cloud Security Guides

Private cloud or public? Encryption – addressable or a must-have? Cloud for email and document storage, or enterprise-class infrastructure? As HIPAA continues to evolve with the deadline of the final HIPAA omnibus rule coming up (Sept. 23), it’s a good time to get a refresher on health IT security.

In case you missed these articles on HIPAA cloud security, I’ve compiled a top 5 (so far) of the must-read guides to navigating data and application hosting in the cloud for healthcare organizations of all types, including providers, insurers, software as a service (SaaS), and any other group that touches patient data.

Encryption is continuing to garner attention for its security benefits – learn more about healthcare encryption and the HIPAA Breach Notification Rule from a health IT attorney and a CPHIMS (Certified Professional in Healthcare Information & Management Systems) in our upcoming webinar, Removing the ‘Cryptic’ from ‘Encryption’ – HIPAA and the Meaning of Secure PHI.

1. What to Look for in a HIPAA Cloud Provider – Start with the basics! Nowadays, your cloud provider is considered a business associate and is subject to liability under HIPAA. This article lists the five essentials to look for in a secure and HIPAA compliant cloud provider.
2. Center for Democracy & Technology Clarifies the Healthcare Cloud – The CDT released a basic cloud computing FAQ for the healthcare industry in attempts to ‘demystify’ HIPAA and the cloud. They outline the benefits of cloud computing as well as the types of certifications to look for in a CSP (cloud service provider).
3. HIPAA Encryption in the Cloud: Don’t Sacrifice Performance for Security – This article covers issues of HIPAA encryption of data at rest and in transit. It also discusses what type of encryption to use for enterprise-class cloud infrastructure in order to avoid performance issues that could affect healthcare operations workflow.
4. Alleviating Healthcare Cloud Security Concerns – Read up on the latest statistics on health IT as reported by the HHS’s data breach data, and what type of layered security defenses your organization can use to guard against becoming another statistic.
5. High-Capacity, Encrypted HIPAA Clouds for Medical Imaging Data Security – Keeping medical devices and large diagnostic image files secure can be challenging – read about how a HIPAA enterprise cloud can support encrypted storage-intensive data and applications in conjunction with PACS (Picture Archiving and Communication Systems).

For a complete guide to HIPAA technical, administrative and physical security, read our HIPAA Compliant Hosting white paper. This white paper explores the impact of HITECH and HIPAA on data centers. It includes a description of a HIPAA compliant data center IT architecture, contractual requirements, benefits and risks of data center outsourcing, and vendor selection criteria.