Welcome!

@CloudExpo Authors: Elizabeth White, Zakia Bouachraoui, Liz McMillan, Pat Romanski, Roger Strukhoff

Related Topics: @CloudExpo, Microservices Expo, Containers Expo Blog, Agile Computing, Cloud Security, @DXWorldExpo

@CloudExpo: Article

Changing Standards for Online Healthcare Data – HIPAA & the Cloud

The safety of personal healthcare information on the cloud continues to be an important topic

Just a few months ago I wrote a blog post about healthcare data on the cloud (HIPPA Cloud Storage) and the security concerns surrounding this very sensitive and valuable data. I mentioned that as with many industries, more healthcare data is being moved to the cloud, but the healthcare industry has remained a few paces behind others in terms of securing online data.

The safety of personal healthcare information on the cloud continues to be an important topic, specifically in regards to government-issued guidelines. There are new requirements going into effect this year that expand on how HIPAA and HITECH standards regulate healthcare data on the cloud.

HIPAA & Cloud Security
For years, HIPAA has required healthcare organizations to maintain confidentiality of electronic health information that can be linked back to an individual. More recently, HITECH provisions further strengthened HIPAA penalties and criminal enforcement.

This year's new provision to HIPAA, known as the Omnibus final rule, has its compliance date coming up in September 2013. There are important implications for vendors that are involved in any way with storing, transmitting or otherwise handling personal healthcare records. Anyone involved in those capacities is now known as a "Business Associate" and is therefore subject to the compliance regulations put forth in HIPAA. Those not compliant with HIPAA rules are subject to various penalties, including fines, as in the case of the recently announced Wellpoint fine.

As I have written about before, both "Covered Entities" (Healthcare providers, etc.) and Business Associates looking to leverage cloud services but keep sensitive patient information within their full control have been leveraging a new class of technologies known as Cloud Data Protection Gateways. These gateways intercept sensitive data while it is still on-premise, encrypts or replaces it with a random token and protects the data whether at rest, in transit or on the cloud. Encryption and Tokenization techniques deployed within these gateways are a viable solution to help organizations stay compliant.

As industry and government regulations surrounding HIPAA and the cloud continue to impact cloud users and providers, I will keep this blog up to date on changes and on solutions to stay on top of requirements.

Read the original blog entry...


PerspecSys Inc. is a leading provider of cloud protection and cloud encryption solutions that enable mission-critical cloud applications to be adopted throughout the enterprise. Cloud security companies like PerspecSys remove the technical, legal and financial risks of placing sensitive company data in the cloud. PerspecSys accomplishes this for many large, heavily regulated companies across the world by never allowing sensitive data to leave a customer's network, while maintaining the functionality of cloud applications. For more information please visit http://www.perspecsys.com/ or follow on Twitter @perspecsys.

More Stories By Gerry Grealish

Gerry Grealish is Vice President, Marketing & Products, at PerspecSys. He is responsible for defining and executing PerspecSys’ marketing vision and driving revenue growth through strategic market expansion and new product development. Previously, he ran Product Marketing for the TNS Payments Division, helping create the marketing and product strategy for its cloud-based payment gateway and tokenization/encryption security solutions. He has held senior marketing and leadership roles for venture-backed startups as well as F500 companies, and his industry experience includes enterprise analytical software, payment processing and security services, and marketing and credit risk decisioning platforms.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


CloudEXPO Stories
The platform combines the strengths of Singtel's extensive, intelligent network capabilities with Microsoft's cloud expertise to create a unique solution that sets new standards for IoT applications," said Mr Diomedes Kastanis, Head of IoT at Singtel. "Our solution provides speed, transparency and flexibility, paving the way for a more pervasive use of IoT to accelerate enterprises' digitalisation efforts. AI-powered intelligent connectivity over Microsoft Azure will be the fastest connected path for IoT innovators to scale globally, and the smartest path to cross-device synergy in an instrumented, connected world.
There are many examples of disruption in consumer space – Uber disrupting the cab industry, Airbnb disrupting the hospitality industry and so on; but have you wondered who is disrupting support and operations? AISERA helps make businesses and customers successful by offering consumer-like user experience for support and operations. We have built the world’s first AI-driven IT / HR / Cloud / Customer Support and Operations solution.
ScaleMP is presenting at CloudEXPO 2019, held June 24-26 in Santa Clara, and we’d love to see you there. At the conference, we’ll demonstrate how ScaleMP is solving one of the most vexing challenges for cloud — memory cost and limit of scale — and how our innovative vSMP MemoryONE solution provides affordable larger server memory for the private and public cloud. Please visit us at Booth No. 519 to connect with our experts and learn more about vSMP MemoryONE and how it is already serving some of the world’s largest data centers. Click here to schedule a meeting with our experts and executives.
Darktrace is the world's leading AI company for cyber security. Created by mathematicians from the University of Cambridge, Darktrace's Enterprise Immune System is the first non-consumer application of machine learning to work at scale, across all network types, from physical, virtualized, and cloud, through to IoT and industrial control systems. Installed as a self-configuring cyber defense platform, Darktrace continuously learns what is ‘normal' for all devices and users, updating its understanding as the environment changes.
Codete accelerates their clients growth through technological expertise and experience. Codite team works with organizations to meet the challenges that digitalization presents. Their clients include digital start-ups as well as established enterprises in the IT industry. To stay competitive in a highly innovative IT industry, strong R&D departments and bold spin-off initiatives is a must. Codete Data Science and Software Architects teams help corporate clients to stay up to date with the modern business digitalization solutions. Achieve up to 50% early-stage technological process development cost cutdown with science and R&D-driven investment strategy with Codete's support.