On February 28, 2017, a widespread outage, or, as the hosting provider called it, “high error rates”, took down many prominent websites. We at ByteGrid look at any incident as a learning opportunity, and we were immediately busy measuring ourselves against compliant hosting requirements for an outage like this.
The New Year is right around the corner. Time to shake off the cobwebs & set the goals for 2017. For me, that means setting compliance goals for the year. An easy place to start is with those high-value items that come to the top every year. We in regulated industries know that compliance isn’t something you can just do once & forget about, & the new year is a perfect time to look back at lessons learned and to start checking off the base items for this year.
In October, the HHS Office of Civil Rights (OCR), announced the release of their guidance on HIPAA and cloud computing. The guidance clarifies some of the requirements for health organizations that want to make use of the cloud. Here are some highlights:
One of the main things that makes ByteGrid ‘stand out from the crowd’ of other hosting providers is our ability to support audits. This is one of the #1 reasons that our clients have partnered with us. We offer full audit support & we don’t expect blind trust. Regulated companies should expect transparency when selecting a datacenter partner. Regulatory agencies require it. Your GxP and HIPAA compliant hosting provider should fully support your regulatory requirements, and that means agreeing to an audit by a regulatory agency when it’s required, and agreeing to audits by customers so that they know what they’re getting before the regulators show up.
In this blog, we’ll go over some of the main points to consider when partnering with a GxP or HIPAA compliant hosting provider, to help you make sure that you close any compliance gaps.
ByteGrid is the leader in GxP and HIPAA compliant hosting. As we’ve said before, compliance isn’t an add-on for us. You don’t have to try to rewrite industry standards to partner with us, since we’ve built our systems based on well-studied, established practices. We don’t need a fancy white paper trying to convince someone that compliance isn’t necessary for us because we’re so big. Compliant cloud hosting is what we do. It’s our whole reason for being.
ByteGrid’s GxP and HIPAA compliant hosting was designed to help health & life science companies enjoy the benefits of cloud computing without putting their products at risk. Our focus is to ensure the integrity, confidentiality, and availability of our customers’ data, and we subject our systems to rigorous validation to mitigate risks to data in the cloud.
ByteGrid is the leader in GxP hosting. Not only do we have some of the best technical minds in the business, we have a fully staffed, dedicated compliance department poring over the regulations and auditing our processes to make sure we stay compliant. We’re always watching for new developments, like the FDA’s draft guidance, “Data Integrity and Compliance with CGMP,” issued last week.
ByteGrid takes HIPAA compliant hosting seriously. As we’ve said before, compliance isn’t an add-on for us. Compliant hosting is our mission. That’s why we were the first commercial data center to receive an EHNAC accreditation. We’re here to help healthcare organizations stay ahead of hackers.
Cloud computing has become so widespread, some have suggested that it can be viewed as a utility, like electrical power or water. Let’s examine this concept.
There are parts of the cloud that can be treated as a utility, like cables that are utility-owned and managed, and to some extent your ISP’s hardware and services - the internet infrastructure. But what about the servers, routers, lines and management software that are owned and operated by your cloud hosting provider?
ByteGrid is committed to compliant cloud hosting at every level in our organization. It’s built into the way we do things. We don’t have to find creative ways to make ourselves seem compliant. We’ve implemented proven processes for quality assurance, and these are also the very things that ensure regulatory compliance.