HIPAA Compliant Cloud Hosting: Protection from 2014's Biggest Mistakes

Posted by Rebecca Santorios on January 7, 2016


ByteGrid’s EHNAC-accredited datacenter is the trusted, secure way to achieve HIPAA compliant cloud computing.  It’s our mission to provide fully compliant cloud solutions to the healthcare and life science industries.

We keep a close watch on the developments that impact HIPAA compliance and Health IT.  As we start the new year, it’s a good time to look back at last year’s most newsworthy HIPAA incidents, and think about how they could impact our decisions about compliant cloud hosting.

The HHS posts information about the largest breaches on their website.  Let’s look at some of 2014’s biggest reportable breaches, and see how ByteGrid’s compliant cloud hosting would stand up in these situations.

| Reportable Data Breach | How ByteGrid Compliant Cloud Hosting Mitigates the Risk |
| --- | --- |
| In August, Community Health Systems of Franklin, TN reported that hackers obtained the protected personal information of 4.5 million patients. | Regularly updated anti-virus and anti-malware software, firewalls, intrusion detection, and software updates and patches help keep compliant cloud hosted systems secure from malicious attacks. We’re continuously working to stay ahead of evolving threats. |
| In February, the theft of eight unencrypted desktop computers was reported to have compromised the records of more than 342,000 patients. | Data stored in an accredited datacenter with multi-layered physical and electronic security is protected from theft and can’t be misplaced, unlike local storage devices such as laptops, desktops, and removable media, which are easily lost or stolen. |
| Touchstone Medical Imaging reported that a folder containing patient billing information had inadvertently been left accessible via the Internet, and that approximately 307,000 patient records may have been affected. | ByteGrid’s rigorous change control procedures, employee training, and documented system validation ensure that data is only accessed securely, and as intended. |
| The Indian Health Service reported that a physician employed by a staffing company under contract with the IHS had improperly accessed protected health information from three facilities. | Full adherence to HIPAA regulations requires compliance on the client side, too. ByteGrid’s compliance team can help you identify the things you need to do to avoid breaches like these: things like documented procedures and training, which are required by the HIPAA regulations and can help prevent incidents like this. |

At ByteGrid, we’re always working to protect our clients’ data.  Our systems are designed for security and complete regulatory compliance.  ByteGrid has been audited by a third party for adherence to HIPAA HITECH by EHNAC, the Electronic Healthcare Network Accreditation Commission.  Being EHNAC accredited means that there is measurable evidence that our datacenter adheres to HIPAA requirements.  In addition, each of our HIPAA clients receives a HIPAA qualification package for their hosted solution.  We take the time to trace each customer’s specific solution to the HIPAA regulation and to the ByteGrid Quality System. This provides full transparency for adherence to the rule. ByteGrid also provides documentation to clients, including a System Configuration Specification document, IQ, and summary report.

Contact us today to find out how HIPAA compliant web hosting can help your business achieve secure, truly compliant cloud connectivity.