By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
SmartData Collective
  • Analytics
    AnalyticsShow More
    data-driven image seo
    Data Analytics Helps Marketers Substantially Boost Image SEO
    8 Min Read
    construction analytics
    5 Benefits of Analytics to Manage Commercial Construction
    5 Min Read
    benefits of data analytics for financial industry
    Fascinating Changes Data Analytics Brings to Finance
    7 Min Read
    analyzing big data for its quality and value
    Use this Strategic Approach to Maximize Your Data’s Value
    6 Min Read
    data-driven seo for product pages
    6 Tips for Using Data Analytics for Product Page SEO
    11 Min Read
  • Big Data
  • BI
  • Exclusive
  • IT
  • Marketing
  • Software
Search
© 2008-23 SmartData Collective. All Rights Reserved.
Reading: How the Final Omnibus Rule Affects HIPAA Cloud Computing Providers
Share
Notification Show More
Latest News
anti-spoofing tips
Anti-Spoofing is Crucial for Data-Driven Businesses
Security
ai in software development
3 AI-Based Strategies to Develop Software in Uncertain Times
Software
ai in ppc advertising
5 Proven Tips for Utilizing AI with PPC Advertising in 2023
Artificial Intelligence
data-driven image seo
Data Analytics Helps Marketers Substantially Boost Image SEO
Analytics
ai in web design
5 Ways AI Technology Has Disrupted Website Development
Artificial Intelligence
Aa
SmartData Collective
Aa
Search
  • About
  • Help
  • Privacy
Follow US
© 2008-23 SmartData Collective. All Rights Reserved.
SmartData Collective > IT > Cloud Computing > How the Final Omnibus Rule Affects HIPAA Cloud Computing Providers
Cloud ComputingPrivacySecurity

How the Final Omnibus Rule Affects HIPAA Cloud Computing Providers

onlinetech
Last updated: 2013/01/19 at 7:57 PM
onlinetech
5 Min Read
SHARE
- Advertisement -

The long-awaited final modifications to the HIPAA Privacy, Security, Enforcement and Breach Rules were introduced Thursday. The 563-word document outlines the changes that were initially slated for implementation last summer (remember the omnibus rule?). So how do these modifications affect HIPAA cloud providers?

The long-awaited final modifications to the HIPAA Privacy, Security, Enforcement and Breach Rules were introduced Thursday. The 563-word document outlines the changes that were initially slated for implementation last summer (remember the omnibus rule?). So how do these modifications affect HIPAA cloud providers?

- Advertisement -

While cloud providers have generally been considered and treated as business associates in the industry, the modifications make it even clearer that data center operators are officially considered business associates and are also directly liable for being compliant with the HIPAA standards that apply to business associates. The federal document states:

A data storage company that has access to protected health information (whether digital or hard copy) qualifies as a business associate, even if the entity does not view the information or only does so on a random or infrequent basis. Thus, document storage companies maintaining 26 protected health information on behalf of covered entities are considered business associates, regardless of whether they actually view the information they hold.  To help clarify this point, we have modified the definition of “business associate” to generally provide that a business associate includes a person who “creates, receives, maintains, or transmits” (emphasis added) protected health information on behalf of a covered entity.

More Read

HIPAA compliant fax

Data Security Considerations Pertaining to HIPAA Fax

Data Analytics Solutions To HIPAA Compliance During Quarantine
HIPAA Violations Cost Health Insurer $1.7 Million: Lessons Learned
HIPAA Breach Lessons Learned
HIPAA in a HITECH World: HIPAA Violations on the Rise

As I wrote about in Healthcare Organizations: Seeking a Cloud Provider? BAAs Required, healthcare organizations need to be cautious about signing with ‘HIPAA-ready’ or ‘HIPAA certified’ cloud hosting providers. Being ‘HIPAA compliant’ or ‘HIPAA audited’ means they have undergone an independent audit, preferably measured against the latest OCR HIPAA Audit Protocol that outlines each requirement and auditor testing criteria.

If you use a cloud service, it should be your business associate. If they refuse to sign a business associate agreement, don’t use the cloud service. – David S. Holtzman of the Health Information Privacy Division of OCR during a speech at the Health Care Compliance Association’s 16th Annual Compliance Institute.

Another point they make is that business associates must also adhere to the Breach Notification Rule – including the subcontractors of business associates. For an example of what a breach notification clause might look like in a business associate agreement (BAA), read our BAA Breach Notification Clause.

- Advertisement -

Covered entities and business associates should take note – the document also states that “these proposed changes would make covered entities and business associates liable under § 160.402(c) for the acts of their business associate agents, in accordance 61 with the Federal common law of agency, regardless of whether the covered entity has a compliant business associate agreement in place.”

While business associates and agents are directly liable under HIPAA, covered entities are also directly held responsible for any actions of their business associates and other contractors down the chain of command; making a great case for why it’s important to carefully choose your HIPAA cloud hosting provider. Healthcare Software as a Service (SaaS) companies, EHR providers and other supporting healthcare vendors need to ensure their cloud Infrastructure as a Service (IaaS) providers undergo annual HIPAA audits, train their staff in security, and have the policies and procedures in place that adhere to security guidelines.

HIPAA Compliant Hosting White PaperFor more on using the cloud and secure hosting for HIPAA compliant solutions, read our HIPAA Compliant Hosting white paper. Questions to ask your HIPAA hosting provider, data center standards cheat sheet and a diagram of the technical, physical and administrative security components of a HIPAA hosting solution (including HIPAA compliant clouds) are included.

Mobile Security White PaperOr read our Mobile Security white paper for how to secure electronic protected health information (ePHI) while using mobile devices in the workplace, ideal for any healthcare organization interested in implementing a secure BYOD (Bring Your Own Device) environment.

Still have questions? Contact us or chat now.

- Advertisement -

References:
HHS: Modifications to the HIPAA Privacy, Security, Enforcement and Breach Notification Rules (PDF)

The post How the Final Omnibus Rule Affects HIPAA Cloud Computing Providers appeared first on Managed Data Center News.

TAGGED: hipaa
onlinetech January 19, 2013
Share this Article
Facebook Twitter Pinterest LinkedIn
Share
- Advertisement -

Follow us on Facebook

Latest News

anti-spoofing tips
Anti-Spoofing is Crucial for Data-Driven Businesses
Security
ai in software development
3 AI-Based Strategies to Develop Software in Uncertain Times
Software
ai in ppc advertising
5 Proven Tips for Utilizing AI with PPC Advertising in 2023
Artificial Intelligence
data-driven image seo
Data Analytics Helps Marketers Substantially Boost Image SEO
Analytics

Stay Connected

1.2k Followers Like
33.7k Followers Follow
222 Followers Pin

You Might also Like

HIPAA compliant fax
Big Data

Data Security Considerations Pertaining to HIPAA Fax

5 Min Read
data privacy and HIPAA
Security

Data Analytics Solutions To HIPAA Compliance During Quarantine

6 Min Read

HIPAA Violations Cost Health Insurer $1.7 Million: Lessons Learned

4 Min Read
HIPPA compliance
Best PracticesBig DataData ManagementInside CompaniesITLocationPolicy and GovernancePrivacySecurity

HIPAA Breach Lessons Learned

5 Min Read

SmartData Collective is one of the largest & trusted community covering technical content about Big Data, BI, Cloud, Analytics, Artificial Intelligence, IoT & more.

data-driven web design
5 Great Tips for Using Data Analytics for Website UX
Big Data
giveaway chatbots
How To Get An Award Winning Giveaway Bot
Big Data Chatbots Exclusive

Quick Link

  • About
  • Contact
  • Privacy
Follow US

© 2008-23 SmartData Collective. All Rights Reserved.

Removed from reading list

Undo
Go to mobile version
Welcome Back!

Sign in to your account

Lost your password?