Cloud Computing: HIPAA’s Role

Grazed from Gov Info Security. Author: Marianne Kolbasuk McGee.

While a privacy advocate is demanding federal guidance on how to protect health information in the cloud, one federal official says the soon-to-be-modified HIPAA privacy and security rules will apply to all business associates, including cloud vendors, helping to ensure patient data is safeguarded. Joy Pritts, chief privacy officer in the Office of the National Coordinator for Health IT, a unit of the Department of Health and Human Services, made her comments about HIPAA during a Jan. 7 panel discussion on cloud computing hosted by Patient Privacy Rights, an advocacy group.

The movement of health information to the cloud is inevitable, Pritts acknowledged. That’s particularly true for smaller healthcare organizations that are turning to cloud providers to host electronic health records to help reduce start-up costs…

The shift to cloud computing "reminds me of the mobile area, where technology and practices are ahead of policy," Pritts said. The HIPAA modifications, however, will help ensure that cloud vendors take adequate steps to protect patient data, she added, stopping short of saying whether federal regulators are likely to eventually issue any cloud-specific guidance…

Read more from the source @ http://www.govinfosecurity.com/cloud-computing-hipaas-role-a-5406