
Most of us are well aware that cloud technology enables healthcare organizations to concentrate their efforts on the services they deliver and on improved patient outcomes, significantly reducing the workload of infrastructure management, simplifying technology adoption and driving down operational costs. Forbes reported some time back that a HIMSS Analytics survey of cloud computing adoption in healthcare provider organizations found that 83% of executives report they are using cloud services today.

The first step

A digital healthcare company should screen potential cloud partners for their procedural, physical, operational and technical readiness to handle PHI (Protected Health Information) and to ensure the safety of transactions containing PHI data. Any well-established commercial hosting facility has a variety of industry certificates: ISO 27001, PCI DSS Level 1, SSAE 16, etc. When it comes to claiming HIPAA compliance, cloud vendors often use terms such as "HIPAA enabled", which describes security-related technical capabilities but excludes legal compliance.



7 tips for choosing your healthcare cloud service provider


  1. Security: The security program of your chosen cloud provider should meet the specific policies and procedures required by HIPAA. Firewalls, anti-virus detection, multifactor user authentication, data encryption and routine security audits are some of the security measures to check. It's also important to ask who at the cloud company will have access to your data in the cloud and whether the cloud provider runs employee background checks to filter out potential cybercriminals or identity thieves. Another good indicator that the provider can withstand a myriad of security threats is a Standards for Attestation Engagements 16 (SSAE 16) certification.
  2. Downtime history: Ideally, the best answer to this question is never. However, even the biggest, best-known cloud providers occasionally experience downtime. Since downtime is a cost to your business, it's best to choose a provider with as few outages as possible. Some vendors post their downtime history logs online. If not, be sure to ask for a cloud provider's track record.
  3. Disaster recovery: In case of a human-induced or natural disaster, your cloud provider should have a plan to address recovery and ensure continuity of the technology infrastructure that is critical to a Covered Entity. What provisions in the company's Service Level Agreement (SLA) address potential data losses?
  4. Knowledge about your data location: It's important that your cloud provider shares information about the location of your data. Unlike many cloud providers that store your data on servers in foreign countries, thus making it subject to search by the foreign governments in those countries, HIPAA-secure cloud providers store your data on a server in the United States.
  5. Customer support services: For a healthcare CSP, without exception, technical support should be available to you online or by phone 24 hours a day, every day, including holidays.
  6. Cloud scale-up abilities: As your business grows, so will your cloud storage needs. To ensure that you're choosing a flexible cloud provider, find out what additional storage capacity and other services can be offered over time and for how much.
