Sunday 1 July 2012

HIPAA Hosting with Amazon Web Services

Among the zillion costly HIPAA hosting providers, AWS is one of the best and most affordable options. The hosting market is so cluttered with advertisements that a lot of good services like Amazon get hidden. Unfortunately, it's also because Amazon doesn't offer a business-ready HIPAA solution. Anyone who wants HIPAA hosting needs to rent Amazon's infrastructure and build on it on their own. Yes, it's a bit complex, but the cost would be much less than buying it from another hosting provider. Apart from that, you get the flexibility to design the mechanisms according to the needs of your organization. If you are good with cloud service programming, then by using services like Elastic Cloud and Amazon DB you could design the perfect HIPAA compliant hosting service for your enterprise. After creating the basic hosting infrastructure, all you have to do is add the security configurations necessary as per the HIPAA guidelines; this step involves adding secure storage, automated periodic backups and encryption on the fly. Most of these services are already provided by Amazon Web Services.

Monday 2 April 2012

Checking HIPAA Hosting Compliance - 3 Essential Qualities

HIPAA compliant storage management is fundamentally concerned with a few important qualities that you must follow. The main point the health organization should understand is that the privacy of a person must be preserved with the utmost confidentiality and the data must be quickly accessible in any situation. The following three qualities are required for HIPAA compliant storage.
  • Data Integrity: Data storage is done in the most systematic manner. There shouldn't be any data duplication in the system, and all storage must be optimized for reduced database usage. Integrity can be technically associated with the concept of 'normalization' followed in the database, i.e. database tables are designed with special attention to avoiding data duplication; the actual data is stored in one place although it can be accessed and displayed in several places.
  • Availability of Data: In a medical environment the data should be available even if a contingency happens suddenly. One solution is storing data off-site in some other environment and taking automated backups every day.
  • Confidentiality: The patient data, the electronic Patient Health Record (ePHR), must be stored in a secure environment, protected from external intrusion attempts and encrypted on the fly. Only the permitted data must be accessible, and only to the people permitted to access it.

In IT, the technologies used to implement these features change rapidly over time. However, choosing a good one that has been working fine for the past few years would be fine.
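The availability and confidentiality points above can be turned into an automated check. The following is an added example, not part of the original post: a small Python audit over a constructed inventory of storage resources. The field names, role names and sample records are assumptions made for illustration and do not correspond to any provider's API.

```python
from datetime import datetime, timedelta

# Constructed sample inventory; field names are hypothetical.
NOW = datetime(2012, 4, 2, 12, 0)
INVENTORY = [
    {"name": "ephr-db", "site": "dc-east", "encrypted_at_rest": True,
     "tls_only": True, "last_backup": NOW - timedelta(hours=6),
     "backup_site": "dc-west", "allowed_roles": {"physician", "nurse"}},
    {"name": "scan-archive", "site": "dc-east", "encrypted_at_rest": False,
     "tls_only": True, "last_backup": NOW - timedelta(days=3),
     "backup_site": "dc-east", "allowed_roles": {"physician", "everyone"}},
]
PERMITTED_ROLES = {"physician", "nurse", "records-clerk"}  # assumed policy
MAX_BACKUP_AGE = timedelta(days=1)  # "automated backups every day"


def audit_resource(res, now=NOW):
    """Return a list of findings for one storage resource."""
    findings = []
    # Confidentiality: encryption at rest and in transit, restricted access.
    if not res["encrypted_at_rest"]:
        findings.append("confidentiality: data not encrypted at rest")
    if not res["tls_only"]:
        findings.append("confidentiality: unencrypted network access allowed")
    extra = res["allowed_roles"] - PERMITTED_ROLES
    if extra:
        findings.append("confidentiality: unexpected roles " + ", ".join(sorted(extra)))
    # Availability: a recent backup that lives somewhere other than the primary site.
    last = res.get("last_backup")
    if last is None or now - last > MAX_BACKUP_AGE:
        findings.append("availability: no backup in the last day")
    if res.get("backup_site") in (None, res["site"]):
        findings.append("availability: backup is not stored off-site")
    return findings


def audit(inventory, now=NOW):
    """Map resource name -> findings, keeping only resources with problems."""
    report = {r["name"]: audit_resource(r, now) for r in inventory}
    return {name: f for name, f in report.items() if f}


if __name__ == "__main__":
    for name, findings in audit(INVENTORY).items():
        for finding in findings:
            print(f"{name}: {finding}")
```

A clean report from a check like this only shows that these specific settings are in place; it does not by itself establish HIPAA compliance.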

Monday 12 March 2012

How To Find The Best HIPAA Compliant Hosting Provider For Your Health Center?

Due to the parallel growth of IT in the health sector, the Health Insurance Portability and Accountability Act of 1996 (HIPAA) has now become a vital part of all technology implementations in a healthcare institute. HIPAA compliant web hosting is necessary when you want to host the records and files of your patients on a server. HIPAA compliance strictly limits access to patient health information (PHI) to the people who are meant to have it. It also calls for other security measures such as encryption of data on the network, intrusion detection and logging of operations on the system. Currently, there are several top-notch hosting providers with HIPAA compliance. Researching each of their features in depth will help you find the right one for your health care institute and save you the cost of leasing an expensive hosting service. Stay tuned for the analysis reports of each HIPAA compliant hosting provider!

There are dozens of such compatible hosting providers popping up every month. An analysis of some of the best HIPAA compliant hosting providers could reveal a staggering difference in their prices. This area of hosting is a gold mine for all those hosting providers. The HIPAA documentation doesn't specify 'technically' how the procedures in the law should be implemented (e.g. for encryption of stored data, the HIPAA documentation doesn't specify exactly which algorithm to follow). This hampers people at health institutions who are less familiar with computing terms. Several hosting providers exploit this unawareness and charge high fees for small services. Unless you want to see a hefty hosting bill every month, it's better to get an audit from a trusted HIPAA expert and estimate the actual cost before jumping in for a plan.

Should I hire a system admin and maintain my own HIPAA compliant system, or sign up for a full-package service from an external vendor?

First, there is no one-size-fits-all solution for HIPAA compliant hosting. You'll have a custom database, services, etc. even if you get the service directly from a vendor. But this will, of course, be far cheaper and more reliable than hiring a sys admin and setting up your own systems.

I've been investigating more HIPAA compliant hosting services and found this useful discussion on YCombinator News. YCombinator is one of the world's best start-up incubators, and recently there have been new companies focusing on HIPAA related services. It will be a good bet to get services from one of these new service providers since they'll be very responsive and much more affordable. If you go to the thread you can directly find contact info for some of the company owners, and you can talk to them about a special plan that suits you. Soon, I'll try to list the HIPAA providers discussed in this YC thread.