A quick guide to staying “cloud compliant” with new HIPAA rules

For most companies, fulfilling the new rules deadline is Sept. 23

In March, the Health Insurance Portability and Accountability Act (HIPAA) Omnibus Final Rule (PDF) went into effect. For most companies (there are a few exceptions) to stay in compliance, they must fulfill those rules by Sept. 23.

As reported on InsideCounsel last week, the updates expand the definition of “business associates,” who must follow the same guidelines as physicians and insurance providers. The new rules specifically address cloud providers, reading, “Document storage companies maintaining protected health information on behalf of covered entities are considered business associates, regardless of whether they actually view the information they hold.”


Cathleen Flahardy

Bio and more articles

Join the Conversation

Advertisement. Closing in 15 seconds.