Tag: HIPAA cloud computing

Although SAS 70 (Statement on Auditing Standards) has been dead for quite some time now, we’ve found that those lagging in the health IT industry may still be confused about why SAS 70 is no longer the audit to look for when it comes to ensuring security with a cloud hosting provider. In fact, false information about SAS 70 as a qualifier for cloud computing security supporting the healthcare industry is still an issue. Some suggest that SAS 70 is …

According to HITRUSTAlliance.net’s report on U.S. healthcare data breaches affecting 500 or more individuals, A Look Back: U.S. Healthcare Data Breach Trends, the leading cause of breaches involved theft (54 percent) and the leading sources of breached PHI (protected health information) were laptops (25 percent) and paper records (24 percent). The most frequently stolen items included laptops, desktops and mobile media (USB drives, CDs/DVDs, backup tapes). When it came to business associates, they accounted for 58 percent of the records …

The added business value of cloud computing is multi-faceted, as Online Tech’s co-CEO Mike Klein outlined in a previous article, The Six Benefits of Cloud Computing, which I’ll summarize here: Lower Costs Pooling of computing resources means better efficiency and use of the entire shared IT infrastructure, since only what is needed is distributed to applications on-demand. Lower Maintenance Costs Save on hardware upfront and maintenance costs since the cloud uses less physical resources. If you outsource to a cloud …

A recent Google search brought me to a health IT blog, Life as a Healthcare CIO, and the post entitled The Reality of SaaS. The author discusses whether or not SaaS/cloud computing is appropriate for EHR (electronic health record) hosting – he reinforces the fact that “current regulatory and compliance mandates require that you find a cloud hosting firm which will indemnify you against privacy breaches caused by security issues in the SaaS hosting facility.” While especially true now, he …

Attending the national healthcare conference HIMSS 13 in March? Sign up to schedule a free one-on-one consultation with our health IT panel of experts on topics such as: Legal implications of the final HIPAA omnibus rule Healthcare business continuity/disaster recovery Mobile health applications HIPAA compliant cloud computing Featuring a health IT attorney, Certified HIPAA/Information Systems Security Professional, mobile health specialist, and compliant cloud computing specialist. Registration is free and easy with our online form. Sign up today as time slots …

The long-awaited final modifications to the HIPAA Privacy, Security, Enforcement and Breach Rules were introduced Thursday. The 563-word document outlines the changes that were initially slated for implementation last summer (remember the omnibus rule?). So how do these modifications affect HIPAA cloud providers? While cloud providers have generally been considered and treated as business associates in the industry, the modifications make it even clearer that data center operators are officially considered business associates and are also directly liable for being …

Since it’s never too early to create a HIMSS 13 schedule, I’ve compiled a list of the top health IT (specifically cloud computing) education sessions to attend from the HIMSS 13 Annual Brochure (PDF). Visit the HIMSS 13 conference site for more information about the annual health IT and management systems conference held from March 3-7. This year’s conference will be located in New Orleans at the Ernest N. Morial Convention Center, and typically draws in more than 35,000 healthcare …

In June, the FCC (Federal Communications Commission) created a mHealth Task Force from a group of the nation’s leading mobile healthcare IT industry, including government and academic experts, according to a recent press release. This group generated a report with recommendations on mHealth technology use, released on Sept. 24. The document is written for a federal and regulatory audience more so than the consumer or business-based mobile health IT organization. However, each recommendation will eventually affect the producers and consumers …

A recent article from HealthCareITNews.com details the top five security vulnerabilities that “could mean trouble” – that is, result in a data breach. While these risks are entirely valid, the article doesn’t offer tactical solutions or alternatives to reduce said risks. [Note: these security vulnerabilities should be of concern in any industry, not just healthcare – i.e., financial, ecommerce, software, etc.]. So I thought I would respond: Theft. The article acknowledges that lost or stolen media, often in the form …

Online Tech will be attending and participating on a panel at the HIT (Healthcare Information Technology) ’12 conference, Healthcare Information Transformation, in Jacksonville, Florida next week, April 3-4, 2012. A variety of health plans, physician groups, hospitals, governmental associations and service providers will be in attendence to discuss improving patient care with IT. April Sage, Director of the Healthcare Vertical at Online Tech, will be speaking on a panel about PHI (protected health information) in the Cloud. PHI in the Cloud will …

Get started now. Exceptional service awaits.

Live Chat