Welcome!

@CloudExpo Authors: Liz McMillan, Yung Chou, Elizabeth White, Jason Bloomberg, David Bermingham

News Feed Item

How to Cut Health Costs by Millions and Stay Out of Prison

A tiny USB drive stolen from the car of an Alaska health worker wound up costing the state of Alaska $1.7 million in federal fines last July. Will your organization be protected when enforcement of health privacy laws skyrockets in 2013?

Online Tech announced today it is the first data center operator to have its data centers and cloud computing infrastructure voluntarily audited to the U.S. Office for Civil Rights (OCR) HIPAA Audit Protocol.

“For the Department of Health and Human Services and OCR this isn’t a joking matter anymore – you will comply,’’ said Nate Buchholz, Information Services Director at Genesys Physician Hospital Organization (PHO). “We have five FTEs all dedicated to securing our infrastructure. Online Tech is our data center colocation partner: they keep our lights on.’’ With the federal enforcement soaring in 2013, Buchholz said health providers are turning to Online Tech because “they take security seriously.’’

“We provide cloud hosting for healthcare clients from across the country,” said Mike Klein, CEO of Online Tech. “These clients need the assurance that the data centers and the cloud infrastructure where they are hosting PHI (Protected Health Information) are audited to the requirements of HHS and Office for Civil Rights. None of our clients want to be fined by the Office for Civil Rights because their hosting provider failed to live up to the OCR audit requirements.”

UHY Advisors, LLP recently completed Online Tech’s independent third-party HIPAA attestation on the company’s cloud infrastructure and all three data centers. Online Tech and UHY agreed to use the newly established OCR guidelines that all healthcare and health IT companies will face from the Office of Civil Rights starting in 2013.

Online Tech is not a covered entity, but rather a business associate (an organization providing a service to a covered entity). Although the initial audit program only applies to covered entities, Online Tech decided to proceed with an independent attestation using the new guidelines.

The American Recovery and Reinvestment Act of 2009 requires the Department of Health and Human Services (HHS) to perform periodic audits of covered entities and business associates to determine if they are complying with HIPAA requirements. A November 2011 to December 2012 HHS Office for Civil Rights pilot program selected 115 organizations across the country to undergo the scrutiny of privacy, security, and breach notification audits by KPMG.

The OCR does not plan to penalize targets for pilots unless they uncover “serious compliance issues.” The HITECH Act has civil penalties for HIPAA violations that can reach $50,000 per violation and up to $1.5 million for identical violations across multiple records in a single calendar year.

In June 2012, the OCR released a copy of the protocol it is using to audit HIPAA compliance under their pilot program. The protocol provides a breakdown of specific audit criteria they are using for HIPAA audits. The protocol includes 169 specific performance criteria organized around compliance in three areas: the HIPAA Privacy Rule, Security Rule, and Breach Notification Rule.

HIPAA data center compliance is no small investment. Data center operators must not only deliver the technology to meet the administrative, physical and technical safeguards required by the HIPAA security rule, they must also invest in policies, training, breach notification processes, legal support for business associates agreements, and HIPAA insurance. In addition, the organization must commit to consistently monitoring the safeguards and processes to ensure the security of the electronic protected health information (ePHI).

In 2011, Online Tech became the first data center operator to be independently audited for HIPAA compliance. This year, Online Tech decided it wanted to be the first data center operator independently audited against the OCR HIPAA Audit Program Protocol.

“It was a commitment and investment we knew we had to make to serve the best interest of our healthcare clients,” Klein said.

About Online Tech

Online Tech, Michigan’s largest managed data center is becoming the largest in the Midwest, expanding into at least four new markets. The “Fort Knox’’ for data is known for complete redundancy - “backups for everything” - from multiple back-up generators and backup systems to locations straddling two power grids and even two CEOs.

Online Tech leads in secure, compliant hosting services including cloud hosting, managed dedicated servers, Michigan colocation and disaster recovery. Online Tech’s Midwest data centers assure mission critical applications are always available, comply with government & industry regulations, and continue operating after a disaster. Backed by independent HIPAA, PCI, SSAE 16, and SOC 2, Online Tech delivers the security, privacy, and availability expected from world class data center operators. For more information, call (877)740-5028, email [email protected] or visit www.onlinetech.com .

Press Contact: April Sage, Director of Marketing, Healthcare Vertical, 734.213.2020 x 113, [email protected]

For additional information, please visit UHY Advisors, LLP at www.uhy-us.com.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

@CloudExpo Stories
Advances in technology and ubiquitous connectivity have made the utilization of a dispersed workforce more common. Whether that remote team is located across the street or country, management styles/ approaches will have to be adjusted to accommodate this new dynamic. In his session at 17th Cloud Expo, Sagi Brody, Chief Technology Officer at Webair Internet Development Inc., focused on the challenges of managing remote teams, providing real-world examples that demonstrate what works and what do...
Eighty percent of a data scientist’s time is spent gathering and cleaning up data, and 80% of all data is unstructured and almost never analyzed. Cognitive computing, in combination with Big Data, is changing the equation by creating data reservoirs and using natural language processing to enable analysis of unstructured data sources. This is impacting every aspect of the analytics profession from how data is mined (and by whom) to how it is delivered. This is not some futuristic vision: it's ha...
Predictive analytics tools monitor, report, and troubleshoot in order to make proactive decisions about the health, performance, and utilization of storage. Most enterprises combine cloud and on-premise storage, resulting in blended environments of physical, virtual, cloud, and other platforms, which justifies more sophisticated storage analytics. In his session at 18th Cloud Expo, Peter McCallum, Vice President of Datacenter Solutions at FalconStor, will discuss using predictive analytics to ...
Let’s face it, embracing new storage technologies, capabilities and upgrading to new hardware often adds complexity and increases costs. In his session at 18th Cloud Expo, Seth Oxenhorn, Vice President of Business Development & Alliances at FalconStor, will discuss how a truly heterogeneous software-defined storage approach can add value to legacy platforms and heterogeneous environments. The result reduces complexity, significantly lowers cost, and provides IT organizations with improved effi...
The cloud promises new levels of agility and cost-savings for Big Data, data warehousing and analytics. But it’s challenging to understand all the options – from IaaS and PaaS to newer services like HaaS (Hadoop as a Service) and BDaaS (Big Data as a Service). In her session at @BigDataExpo at @ThingsExpo, Hannah Smalltree, a director at Cazena, will provide an educational overview of emerging “as-a-service” options for Big Data in the cloud. This is critical background for IT and data profes...
SYS-CON Events announced today that Men & Mice, the leading global provider of DNS, DHCP and IP address management overlay solutions, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. The Men & Mice Suite overlay solution is already known for its powerful application in heterogeneous operating environments, enabling enterprises to scale without fuss. Building on a solid range of diverse platform support,...
Father business cycles and digital consumers are forcing enterprises to respond faster to customer needs and competitive demands. Successful integration of DevOps and Agile development will be key for business success in today’s digital economy. In his session at DevOps Summit, Pradeep Prabhu, Co-Founder & CEO of Cloudmunch, covered the critical practices that enterprises should consider to seamlessly integrate Agile and DevOps processes, barriers to implementing this in the enterprise, and pr...
Sensors and effectors of IoT are solving problems in new ways, but small businesses have been slow to join the quantified world. They’ll need information from IoT using applications as varied as the businesses themselves. In his session at @ThingsExpo, Roger Meike, Distinguished Engineer, Director of Technology Innovation at Intuit, showed how IoT manufacturers can use open standards, public APIs and custom apps to enable the Quantified Small Business. He used a Raspberry Pi to connect sensors...
Data-as-a-Service is the complete package for the transformation of raw data into meaningful data assets and the delivery of those data assets. In her session at 18th Cloud Expo, Lakshmi Randall, an industry expert, analyst and strategist, will address: What is DaaS (Data-as-a-Service)? Challenges addressed by DaaS Vendors that are enabling DaaS Architecture options for DaaS
SYS-CON Events announced today that Avere Systems, a leading provider of enterprise storage for the hybrid cloud, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. Avere delivers a more modern architectural approach to storage that doesn’t require the overprovisioning of storage capacity to achieve performance, overspending on expensive storage media for inactive data or the overbuilding of data centers ...
SYS-CON Events announced today that Catchpoint Systems, Inc., a provider of innovative web and infrastructure monitoring solutions, has been named “Silver Sponsor” of SYS-CON's DevOps Summit at 18th Cloud Expo New York, which will take place June 7-9, 2016, at the Javits Center in New York City, NY. Catchpoint is a leading Digital Performance Analytics company that provides unparalleled insight into customer-critical services to help consistently deliver an amazing customer experience. Designed...
With the proliferation of both SQL and NoSQL databases, organizations can now target specific fit-for-purpose database tools for their different application needs regarding scalability, ease of use, ACID support, etc. Platform as a Service offerings make this even easier now, enabling developers to roll out their own database infrastructure in minutes with minimal management overhead. However, this same amount of flexibility also comes with the challenges of picking the right tool, on the right ...
SYS-CON Events announced today that Alert Logic, Inc., the leading provider of Security-as-a-Service solutions for the cloud, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. Alert Logic, Inc., provides Security-as-a-Service for on-premises, cloud, and hybrid infrastructures, delivering deep security insight and continuous protection for customers at a lower cost than traditional security solutions. Ful...
SYS-CON Events announced today that Interoute, owner-operator of one of Europe's largest networks and a global cloud services platform, has been named “Bronze Sponsor” of SYS-CON's 18th Cloud Expo, which will take place on June 7-9, 2015 at the Javits Center in New York, New York. Interoute is the owner-operator of one of Europe's largest networks and a global cloud services platform which encompasses 12 data centers, 14 virtual data centers and 31 colocation centers, with connections to 195 ad...
Recognizing the need to identify and validate information security professionals’ competency in securing cloud services, the two leading membership organizations focused on cloud and information security, the Cloud Security Alliance (CSA) and (ISC)^2, joined together to develop an international cloud security credential that reflects the most current and comprehensive best practices for securing and optimizing cloud computing environments.
Companies can harness IoT and predictive analytics to sustain business continuity; predict and manage site performance during emergencies; minimize expensive reactive maintenance; and forecast equipment and maintenance budgets and expenditures. Providing cost-effective, uninterrupted service is challenging, particularly for organizations with geographically dispersed operations.
SYS-CON Events announced today that Commvault, a global leader in enterprise data protection and information management, has been named “Bronze Sponsor” of SYS-CON's 18th International Cloud Expo, which will take place on June 7–9, 2016, at the Javits Center in New York City, NY, and the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Commvault is a leading provider of data protection and information management...
SYS-CON Events announced today that VAI, a leading ERP software provider, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. VAI (Vormittag Associates, Inc.) is a leading independent mid-market ERP software developer renowned for its flexible solutions and ability to automate critical business functions for the distribution, manufacturing, specialty retail and service sectors. An IBM Premier Business Part...
With an estimated 50 billion devices connected to the Internet by 2020, several industries will begin to expand their capabilities for retaining end point data at the edge to better utilize the range of data types and sheer volume of M2M data generated by the Internet of Things. In his session at @ThingsExpo, Don DeLoach, CEO and President of Infobright, will discuss the infrastructures businesses will need to implement to handle this explosion of data by providing specific use cases for filte...
In most cases, it is convenient to have some human interaction with a web (micro-)service, no matter how small it is. A traditional approach would be to create an HTTP interface, where user requests will be dispatched and HTML/CSS pages must be served. This approach is indeed very traditional for a web site, but not really convenient for a web service, which is not intended to be good looking, 24x7 up and running and UX-optimized. Instead, talking to a web service in a chat-bot mode would be muc...