HIPAA-compliant cloud storage

Contributor(s): Kim Hefner

HIPAA-compliant cloud storage implements the guidelines of the U.S. Health Insurance Portability and Accountability Act (HIPAA). These guidelines ensure the protected health information (PHI) in a cloud is portable, available to healthcare practitioners, error-free, and has access control policies and standards in place.

When providing HIPAA-compliant cloud storage, you should conduct a risk assessment and ask any cloud storage provider(s) under review to conduct one as well. Possible providers should also answer the following questions:

Once a cloud storage provider has been selected, it should sign a HIPAA Business Associate Agreement (BAA). This agreement details how a business associate will report and respond to a data breach, and respond to audits and other investigations conducted by the Office of Civil Rights.

This was last updated in September 2014

Continue Reading About HIPAA-compliant cloud storage

Dig Deeper on Cloud storage management and standards

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.


File Extensions and File Formats

Powered by: