< ? php //If there is analytic campaign data, attempt to get the campaign_guid from that cookie if ( 1 === preg_match( '/pk10mkto-([0-9]+)/', $_COOKIE[ '__utmz' ], $match ) ) { $campaign_guid = $match[ 1 ]; } ?>

Cloud Services Breakthrough for Healthcare Organizations

December 17, 2013

For a long time, the cloud wasn’t getting a lot of love from healthcare organizations.  Their CEOs didn’t understand it. Their CIOs weren’t familiar with it. Both were concerned about lack of security ─ and even more concerned about possible implications of the Health Insurance Portability and Accountability Act of 1996 (HIPAA).

Things are changing, and it is in part due to the HIPAA Omnibus Rule. Known as “the final rule,” the HIPAA Omnibus Rule is actually a compilation of updates to the regulations the U.S. Department of Health & Human Services administers under HIPAA.

It clarifies the legal framework for healthcare organizations to work with cloud service providers (CSPs) and other external data services providers, and dramatically increases the scope of HIPAA and the enforcement activities supported.

Under the final rule, CSPs, classified as “business associates” (BAs), now must meet many of the same HIPAA requirements as their healthcare customers. They are also required to sign “business associate agreements” (BAAs), which spell out how they will report and respond to a data breach, including those caused by their subcontractors.

This translates into greater peace of mind for healthcare organizations deploying cloud solutions as IT and the CSPs now share responsibility for meeting stringent HIPAA requirements as it relates to electronic protected health information (ePHI). Simply put, both are responsible for keeping patient data secure. Both suffer the consequences if that data is compromised.

The final rule significantly increases fines for data breaches, meaning organizations face much greater risk when it comes to IT security and HIPAA compliance ─ providing greater impetus for CSPs to make sure they have the controls in place to protect their customers’ ePHI to avoid potential breaches.

While HIPAA has been considered by some to be among the obstacles to cloud services adoption in the healthcare industry, the HIPAA Omnibus Rule may prove to be an enabler of cloud services technologies instead.  And with the move to shared responsibilities between CSPs and their customers, this could pave the way for increased acceptable by other highly regulated industries as well.

Fine tune your content search

About Peak 10

"Our values are the foundation for everything we do at Peak 10, and are ultimately what enable us to earn our customers' business and their trust."
David H. Jones,
Board Member, Peak 10 + ViaWest