The people assigned to rethink the role of cloud computing by those charged with HIPAA best practices management and security have a daunting task on their hands these days. There are many decisions that should be made, and not a lot of emerging information and best practices.
However, as more cloud providers hit the market, many are offering HIPAA-compliant cloud services. At least, that’s what they are selling. The trick is to arm yourself with enough information to make sure you make the right choices, and move in the right directions.
The most important best practice is to understand the existing requirements, and then understand how the emerging uses of cloud computing could provide compliant and secure HIPAA solutions. The good news is that this is not the first time we’ve dealt with HIPAA data outside of our own data centers; we’ve been working with managed services, hosting, and co-location providers for years.