HIPAA updates bring compliance issues to the forefront for cloud services

With proper training and awareness, both healthcare providers and business associates can ensure compliance with new regulations

Back in the days when healthcare records were stored in giant filing cabinets in manila folders, security was a matter of having strong locks and restricted access. But today, with all of the benefits of electronic health records and cloud storage, matters are a bit more complicated. Healthcare providers have become accustomed to the stringent regulations – and associated penalties – of the Health Insurance Portability and Accountability Act (HIPAA) but now, with new regulations looming, other providers will be forced to align themselves with the latest provisions.

Cloud service providers, in particular, will need to be compliant with HIPAA if they plan to do business with healthcare organizations. Updates to HIPAA expand the definition of “business associates,” who must follow the same guidelines as physicians and insurance providers. In fact, the new rules specifically address cloud providers, stating, “Document storage companies maintaining protected health information on behalf of covered entities are considered business associates, regardless of whether they actually view the information they hold.”

Senior Editor and Community Manager

author image

Rich Steeves

Richard P. Steeves is Senior Editor and Community Manager of InsideCounsel magazine, where he covers the intellectual property and compliance beats. Rich earned a B.A....

Bio and more articles

Join the Conversation

Advertisement. Closing in 15 seconds.