Tips for Securing
ePHI in the Cloud
When it comes to entrusting your electronic protected
health information (ePHI) to a third-party cloud services
provider, security is arguably the biggest concern.
A lot of factors must be considered when looking for
qualified providers you can work with and who want to
work with you. Here are some considerations.
1. Under the HIPAA Security Rule, covered entities are required to have three plans for recovering access to ePHI should the organization experience an emergency or a disruption of critical business operations: data backup, disaster recovery and emergency mode operation. Evaluate cloud services providers (CSPs) for the depth of their service capabilities and commitments in each context.
2. The three plans (data backup, disaster recovery and emergency operation mode) must accurately reflect the procedures that the organization actually uses. They must be updated as procedures change in order to remain relevant and accurate. Any changes the storage provider makes must also be reflected.
3. Even if a CSP offers top-notch cloud security, it may not necessarily be HIPAA compliant. Look for providers that boast of HIPAA compliance and have them prove it. Ask for audit documentation.
4. A willingness to sign a Business Associate Agreement (BAA) is table stakes for any CSP worth doing business with, so make sure the one you are considering will do so.
5. The HIPAA Security Rule states that CSPs (and other third-party providers classified as business associates) have a framework in place to comply with HIPAA requirements. It’s up to you to ensure that is the case, so get documentation from any CSP you work with that outlines this framework.
6. It may seem unnecessary to ask a vendor to back up your data in its cloud, but don’t be lulled into complacency. Discuss retention policies and backup methods upfront with prospective CSPs. They should be able to meet your organization’s requirements and any regulatory requirements.
7. Any CSP you work with must be able to tell you precisely where your ePHI is physically stored. Providers who cannot pinpoint data location or that rely on non-U.S. based storage are not HIPAA compliant. Know what the HIPAA requirements are in this regard, and make sure the CSP can meet them.
8. Dig into a vendor's policy or attitudes toward data ownership and access. This can be crucial for protecting your organization if your provider runs into business issues down the road.
9. HIPAA requires that you audit access and attempted access to your data. Work with your provider to ensure the hardware, software and/or procedural mechanisms that record and examine ePHI-related activity are implemented.
10. Accurately document the data backup methodology you use and be certain that it fulfills the HIPAA requirement to create and maintain retrievable exact copies of ePHI.
If you’re wondering which service provider has one of the
industry’s most comprehensive compliance programs for
infrastructure, cloud and managed services, look no further
than Peak 10 - in it with you, today and tomorrow.