Welcome!

@CloudExpo Authors: Pat Romanski, Liz McMillan, Yeshim Deniz, Elizabeth White, Zakia Bouachraoui

Related Topics: @CloudExpo, Microservices Expo, Containers Expo Blog, Agile Computing, Cloud Security, @DXWorldExpo

@CloudExpo: Article

Changing Standards for Online Healthcare Data – HIPAA & the Cloud

The safety of personal healthcare information on the cloud continues to be an important topic

Just a few months ago I wrote a blog post about healthcare data on the cloud (HIPPA Cloud Storage) and the security concerns surrounding this very sensitive and valuable data. I mentioned that as with many industries, more healthcare data is being moved to the cloud, but the healthcare industry has remained a few paces behind others in terms of securing online data.

The safety of personal healthcare information on the cloud continues to be an important topic, specifically in regards to government-issued guidelines. There are new requirements going into effect this year that expand on how HIPAA and HITECH standards regulate healthcare data on the cloud.

HIPAA & Cloud Security
For years, HIPAA has required healthcare organizations to maintain confidentiality of electronic health information that can be linked back to an individual. More recently, HITECH provisions further strengthened HIPAA penalties and criminal enforcement.

This year's new provision to HIPAA, known as the Omnibus final rule, has its compliance date coming up in September 2013. There are important implications for vendors that are involved in any way with storing, transmitting or otherwise handling personal healthcare records. Anyone involved in those capacities is now known as a "Business Associate" and is therefore subject to the compliance regulations put forth in HIPAA. Those not compliant with HIPAA rules are subject to various penalties, including fines, as in the case of the recently announced Wellpoint fine.

As I have written about before, both "Covered Entities" (Healthcare providers, etc.) and Business Associates looking to leverage cloud services but keep sensitive patient information within their full control have been leveraging a new class of technologies known as Cloud Data Protection Gateways. These gateways intercept sensitive data while it is still on-premise, encrypts or replaces it with a random token and protects the data whether at rest, in transit or on the cloud. Encryption and Tokenization techniques deployed within these gateways are a viable solution to help organizations stay compliant.

As industry and government regulations surrounding HIPAA and the cloud continue to impact cloud users and providers, I will keep this blog up to date on changes and on solutions to stay on top of requirements.

Read the original blog entry...


PerspecSys Inc. is a leading provider of cloud protection and cloud encryption solutions that enable mission-critical cloud applications to be adopted throughout the enterprise. Cloud security companies like PerspecSys remove the technical, legal and financial risks of placing sensitive company data in the cloud. PerspecSys accomplishes this for many large, heavily regulated companies across the world by never allowing sensitive data to leave a customer's network, while maintaining the functionality of cloud applications. For more information please visit http://www.perspecsys.com/ or follow on Twitter @perspecsys.

More Stories By Gerry Grealish

Gerry Grealish is Vice President, Marketing & Products, at PerspecSys. He is responsible for defining and executing PerspecSys’ marketing vision and driving revenue growth through strategic market expansion and new product development. Previously, he ran Product Marketing for the TNS Payments Division, helping create the marketing and product strategy for its cloud-based payment gateway and tokenization/encryption security solutions. He has held senior marketing and leadership roles for venture-backed startups as well as F500 companies, and his industry experience includes enterprise analytical software, payment processing and security services, and marketing and credit risk decisioning platforms.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


CloudEXPO Stories
Security, data privacy, reliability and regulatory compliance are critical factors when evaluating whether to move business applications from in-house client hosted environments to a cloud platform. In her session at 18th Cloud Expo, Vandana Viswanathan, Associate Director at Cognizant, In this session, will provide an orientation to the five stages required to implement a cloud hosted solution validation strategy.
Business professionals no longer wonder if they'll migrate to the cloud; it's now a matter of when. The cloud environment has proved to be a major force in transitioning to an agile business model that enables quick decisions and fast implementation that solidify customer relationships. And when the cloud is combined with the power of cognitive computing, it drives innovation and transformation that achieves astounding competitive advantage.
Everyone wants the rainbow - reduced IT costs, scalability, continuity, flexibility, manageability, and innovation. But in order to get to that collaboration rainbow, you need the cloud! In this presentation, we'll cover three areas: First - the rainbow of benefits from cloud collaboration. There are many different reasons why more and more companies and institutions are moving to the cloud. Benefits include: cost savings (reducing on-prem infrastructure, reducing data center foot print, reducing IT support costs), enabling growth (ensuring a highly available, highly scalable infrastructure), increasing employee access & engagement (by having collaboration tools that are usable and available globally regardless of location there will be an increased connectedness amongst teams and individuals that will help increase both efficiency and productivity.)
DXWorldEXPO LLC announced today that "IoT Now" was named media sponsor of CloudEXPO | DXWorldEXPO 2018 New York, which will take place on November 11-13, 2018 in New York City, NY. IoT Now explores the evolving opportunities and challenges facing CSPs, and it passes on some lessons learned from those who have taken the first steps in next-gen IoT services.
Founded in 2000, Chetu Inc. is a global provider of customized software development solutions and IT staff augmentation services for software technology providers. By providing clients with unparalleled niche technology expertise and industry experience, Chetu has become the premiere long-term, back-end software development partner for start-ups, SMBs, and Fortune 500 companies. Chetu is headquartered in Plantation, Florida, with thirteen offices throughout the U.S. and abroad.