Welcome!

@CloudExpo Authors: Elizabeth White, Pat Romanski, Olivier Huynh Van, Cloud Best Practices Network, Lori MacVittie

News Feed Item

How to Cut Health Costs by Millions and Stay Out of Prison

A tiny USB drive stolen from the car of an Alaska health worker wound up costing the state of Alaska $1.7 million in federal fines last July. Will your organization be protected when enforcement of health privacy laws skyrockets in 2013?

Online Tech announced today it is the first data center operator to have its data centers and cloud computing infrastructure voluntarily audited to the U.S. Office for Civil Rights (OCR) HIPAA Audit Protocol.

“For the Department of Health and Human Services and OCR this isn’t a joking matter anymore – you will comply,’’ said Nate Buchholz, Information Services Director at Genesys Physician Hospital Organization (PHO). “We have five FTEs all dedicated to securing our infrastructure. Online Tech is our data center colocation partner: they keep our lights on.’’ With the federal enforcement soaring in 2013, Buchholz said health providers are turning to Online Tech because “they take security seriously.’’

“We provide cloud hosting for healthcare clients from across the country,” said Mike Klein, CEO of Online Tech. “These clients need the assurance that the data centers and the cloud infrastructure where they are hosting PHI (Protected Health Information) are audited to the requirements of HHS and Office for Civil Rights. None of our clients want to be fined by the Office for Civil Rights because their hosting provider failed to live up to the OCR audit requirements.”

UHY Advisors, LLP recently completed Online Tech’s independent third-party HIPAA attestation on the company’s cloud infrastructure and all three data centers. Online Tech and UHY agreed to use the newly established OCR guidelines that all healthcare and health IT companies will face from the Office of Civil Rights starting in 2013.

Online Tech is not a covered entity, but rather a business associate (an organization providing a service to a covered entity). Although the initial audit program only applies to covered entities, Online Tech decided to proceed with an independent attestation using the new guidelines.

The American Recovery and Reinvestment Act of 2009 requires the Department of Health and Human Services (HHS) to perform periodic audits of covered entities and business associates to determine if they are complying with HIPAA requirements. A November 2011 to December 2012 HHS Office for Civil Rights pilot program selected 115 organizations across the country to undergo the scrutiny of privacy, security, and breach notification audits by KPMG.

The OCR does not plan to penalize targets for pilots unless they uncover “serious compliance issues.” The HITECH Act has civil penalties for HIPAA violations that can reach $50,000 per violation and up to $1.5 million for identical violations across multiple records in a single calendar year.

In June 2012, the OCR released a copy of the protocol it is using to audit HIPAA compliance under their pilot program. The protocol provides a breakdown of specific audit criteria they are using for HIPAA audits. The protocol includes 169 specific performance criteria organized around compliance in three areas: the HIPAA Privacy Rule, Security Rule, and Breach Notification Rule.

HIPAA data center compliance is no small investment. Data center operators must not only deliver the technology to meet the administrative, physical and technical safeguards required by the HIPAA security rule, they must also invest in policies, training, breach notification processes, legal support for business associates agreements, and HIPAA insurance. In addition, the organization must commit to consistently monitoring the safeguards and processes to ensure the security of the electronic protected health information (ePHI).

In 2011, Online Tech became the first data center operator to be independently audited for HIPAA compliance. This year, Online Tech decided it wanted to be the first data center operator independently audited against the OCR HIPAA Audit Program Protocol.

“It was a commitment and investment we knew we had to make to serve the best interest of our healthcare clients,” Klein said.

About Online Tech

Online Tech, Michigan’s largest managed data center is becoming the largest in the Midwest, expanding into at least four new markets. The “Fort Knox’’ for data is known for complete redundancy - “backups for everything” - from multiple back-up generators and backup systems to locations straddling two power grids and even two CEOs.

Online Tech leads in secure, compliant hosting services including cloud hosting, managed dedicated servers, Michigan colocation and disaster recovery. Online Tech’s Midwest data centers assure mission critical applications are always available, comply with government & industry regulations, and continue operating after a disaster. Backed by independent HIPAA, PCI, SSAE 16, and SOC 2, Online Tech delivers the security, privacy, and availability expected from world class data center operators. For more information, call (877)740-5028, email [email protected] or visit www.onlinetech.com .

Press Contact: April Sage, Director of Marketing, Healthcare Vertical, 734.213.2020 x 113, [email protected]

For additional information, please visit UHY Advisors, LLP at www.uhy-us.com.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

@CloudExpo Stories
Most of us already know that adopting new cloud applications can boost a business’s productivity by enabling organizations to be more agile and ready to change course in our fast-moving and connected digital world. But the rapid adoption of cloud apps and services also brings with it profound security threats, including visibility and control challenges that aren’t present in traditional on-premises environments. At the same time, the cloud – because of its interconnected, flexible and adaptable...
DevOps at Cloud Expo, taking place Nov 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 19th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long dev...
The Internet of Things will challenge the status quo of how IT and development organizations operate. Or will it? Certainly the fog layer of IoT requires special insights about data ontology, security and transactional integrity. But the developmental challenges are the same: People, Process and Platform and how we integrate our thinking to solve complicated problems. In his session at 19th Cloud Expo, Craig Sproule, CEO of Metavine, will demonstrate how to move beyond today's coding paradigm ...
Digitization is driving a fundamental change in society that is transforming the way businesses work with their customers, their supply chains and their people. Digital transformation leverages DevOps best practices, such as Agile Parallel Development, Continuous Delivery and Agile Operations to capitalize on opportunities and create competitive differentiation in the application economy. However, information security has been notably absent from the DevOps movement. Speed doesn’t have to negat...
As organizations shift towards IT-as-a-service models, the need for managing and protecting data residing across physical, virtual, and now cloud environments grows with it. Commvault can ensure protection, access and E-Discovery of your data – whether in a private cloud, a Service Provider delivered public cloud, or a hybrid cloud environment – across the heterogeneous enterprise. In his general session at 18th Cloud Expo, Randy De Meno, Chief Technologist - Windows Products and Microsoft Part...
Cognitive Computing is becoming the foundation for a new generation of solutions that have the potential to transform business. Unlike traditional approaches to building solutions, a cognitive computing approach allows the data to help determine the way applications are designed. This contrasts with conventional software development that begins with defining logic based on the current way a business operates. In her session at 18th Cloud Expo, Judith S. Hurwitz, President and CEO of Hurwitz & ...
Fact is, enterprises have significant legacy voice infrastructure that’s costly to replace with pure IP solutions. How can we bring this analog infrastructure into our shiny new cloud applications? There are proven methods to bind both legacy voice applications and traditional PSTN audio into cloud-based applications and services at a carrier scale. Some of the most successful implementations leverage WebRTC, WebSockets, SIP and other open source technologies. In his session at @ThingsExpo, Da...
Leading cloud-centric IT organizations are establishing core capabilities to improve productivity, control costs and provide a highly responsive end-user experience. Key steps along this journey include creating an end-user cloud services catalog, automating workflows and provisioning, and implementing IT showback and chargeback. In his session at 19th Cloud Expo, Mark Jamensky, executive vice president of Products at Embotics, will walk attendees through an in-depth case study of enterprise I...
Your business relies on your applications and your employees to stay in business. Whether you develop apps or manage business critical apps that help fuel your business, what happens when users experience sluggish performance? You and all technical teams across the organization – application, network, operations, among others, as well as, those outside the organization, like ISPs and third-party providers – are called in to solve the problem.
SYS-CON Events announced today that Niagara Networks will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Niagara Networks offers the highest port-density systems, and the most complete Next-Generation Network Visibility systems including Network Packet Brokers, Bypass Switches, and Network TAPs.
SYS-CON Events announced today the Kubernetes and Google Container Engine Workshop, being held November 3, 2016, in conjunction with @DevOpsSummit at 19th Cloud Expo at the Santa Clara Convention Center in Santa Clara, CA. This workshop led by Sebastian Scheele introduces participants to Kubernetes and Google Container Engine (GKE). Through a combination of instructor-led presentations, demonstrations, and hands-on labs, students learn the key concepts and practices for deploying and maintainin...
SYS-CON Events announced today that Roundee / LinearHub will exhibit at the WebRTC Summit at @ThingsExpo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. LinearHub provides Roundee Service, a smart platform for enterprise video conferencing with enhanced features such as automatic recording and transcription service. Slack users can integrate Roundee to their team via Slack’s App Directory, and '/roundee' command lets your video conference ...
Without a clear strategy for cost control and an architecture designed with cloud services in mind, costs and operational performance can quickly get out of control. To avoid multiple architectural redesigns requires extensive thought and planning. Boundary (now part of BMC) launched a new public-facing multi-tenant high resolution monitoring service on Amazon AWS two years ago, facing challenges and learning best practices in the early days of the new service. In his session at 19th Cloud Exp...
Using new techniques of information modeling, indexing, and processing, new cloud-based systems can support cloud-based workloads previously not possible for high-throughput insurance, banking, and case-based applications. In his session at 18th Cloud Expo, John Newton, CTO, Founder and Chairman of Alfresco, described how to scale cloud-based content management repositories to store, manage, and retrieve billions of documents and related information with fast and linear scalability. He addres...
Digital transformation is too big and important for our future success to not understand the rules that apply to it. The first three rules for winning in this age of hyper-digital transformation are: Advantages in speed, analytics and operational tempos must be captured by implementing an optimized information logistics system (OILS) Real-time operational tempos (IT, people and business processes) must be achieved Businesses that can "analyze data and act and with speed" will dominate those t...
IoT is fundamentally transforming the auto industry, turning the vehicle into a hub for connected services, including safety, infotainment and usage-based insurance. Auto manufacturers – and businesses across all verticals – have built an entire ecosystem around the Connected Car, creating new customer touch points and revenue streams. In his session at @ThingsExpo, Macario Namie, Head of IoT Strategy at Cisco Jasper, will share real-world examples of how IoT transforms the car from a static p...
While DevOps promises a better and tighter integration among an organization’s development and operation teams and transforms an application life cycle into a continual deployment, Chef and Azure together provides a speedy, cost-effective and highly scalable vehicle for realizing the business values of this transformation. In his session at @DevOpsSummit at 19th Cloud Expo, Yung Chou, a Technology Evangelist at Microsoft, will present a unique opportunity to witness how Chef and Azure work tog...
Internet of @ThingsExpo, taking place November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with the 19th International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world and ThingsExpo Silicon Valley Call for Papers is now open.
The Transparent Cloud-computing Consortium (abbreviation: T-Cloud Consortium) will conduct research activities into changes in the computing model as a result of collaboration between "device" and "cloud" and the creation of new value and markets through organic data processing High speed and high quality networks, and dramatic improvements in computer processing capabilities, have greatly changed the nature of applications and made the storing and processing of data on the network commonplace.
Almost two-thirds of companies either have or soon will have IoT as the backbone of their business in 2016. However, IoT is far more complex than most firms expected. How can you not get trapped in the pitfalls? In his session at @ThingsExpo, Tony Shan, a renowned visionary and thought leader, will introduce a holistic method of IoTification, which is the process of IoTifying the existing technology and business models to adopt and leverage IoT. He will drill down to the components in this fra...