The Health Insurance Portability and Accountability Act (HIPAA)
Act supports the concepts of Electronic Health Record (EHR...
What is cloud Computing?
• cloud computing has been driven by the benefits, the cheapest
purveyor of application hosting, ...
GENERATION OF HPC
Compliance and Audit in cloud
• Compliance is a Conformance with an established standard,
specification, regulation, or la...
HIPAA RULES
COMPLIANCE SECURITY
• The traditional cryptographic technologies for data integrity and availability, based
on Hash functions and signature sc...
In a Corporate world there are large number of client who accessing their data and
modifying a data. To manage this data w...
modules

1. Client Module:
In this module, the client sends the query to the server. Based on the
query the server sends t...
ALGORITHM
screen shots
Eucalyptus Private Cloud Setup
Admin Console
E-mail Confirmation
User Console
Audit Logs
Client request to csp
Cloud Server Login
Verify password if correct send a file
that he wants to access
Conclusion
• Creating a cost-effective and secure system design when the
adversary owns the data is extremely challenging....
Hipaa auditing in cloud computing enviroment
Hipaa auditing in cloud computing enviroment
Hipaa auditing in cloud computing enviroment
Hipaa auditing in cloud computing enviroment
Hipaa auditing in cloud computing enviroment
Hipaa auditing in cloud computing enviroment
Upcoming SlideShare
Loading in …5
×

Hipaa auditing in cloud computing enviroment

587 views

Published on

The rise of cloud computing has been driven by the benefits, the cheapest purveyor of application hosting, storage, infrastructure, huge cost savings with low initial investment, elasticity and scalability, ease of adoption, operational efficiency, on-demand resources. With all the security and Privacy Laws in the Health Care field today anyone that works with confidential information should know how to protect that information. The Health Insurance Portability and Accountability Act (HIPAA) privacy and security regulations are two crucial provisions in the protection of healthcare data. Governance, compliance and auditing are becoming as important pedagogical subjects as long established financial auditing and financial control. Designing sound IT governance, compliance, and auditing is a challenging task. This Thesis elaborates the concept of HIPAA compliance in cloud computing by taking a look at the history and dynamics and how Cloud computing changes the astir of certain parts of HIPAA Security requirements. We briefly describe the cyber warfare as a premise to enforce the reasons for complying with government regulations for information systems. The purpose of this Thesis is to explain the importance of HIPAA and research what it takes for Healthcare data to be HIPAA Compliant. Also, explaining what is expected of Healthcare industries if there is an audit and how does HIPAA Auditing play a big part in HIPAA compliance. The Cloud is a platform where all users not only store their data but also used the services and software provided by Cloud Service Provider (CSP). As we know the service provided by the cloud is very economical due to which the user pay only for what he used. This is a platform where data owner remotely store their data in the cloud to enjoy the high quality services and applications. The user can access the data, store the data and use the data. In a Corporate world there are large number of client who accessing their data and modifying a data. To manage this data we use third party auditor (TPA), that will check the reliability of data but it increases the data integrity risk of data owner. Since TPA not only read the data but also he can modify the data, therefore a novel approach should be provided who solved this problem. We first examine the problem and new potential security scheme used to solve this problem. Our algorithm encrypt the content of file at user level which ensure the data owner and client that there data are intact.

Published in: Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
587
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Hipaa auditing in cloud computing enviroment

  1. 1. The Health Insurance Portability and Accountability Act (HIPAA) Act supports the concepts of Electronic Health Record (EHR) and Health Information Exchange (HIE). Even though HIPAA has been around since 1996 it wasn’t taken seriously until HITECH was put into place in 2010. HITECH extended the HIPAA that was put into place in 1996 which contained two parts: Title I and Title II. •Title I to protect people in case they lost their job or switched jobs so that they could still have healthcare coverage. •Title II called Administrative Simplification was about data protection. From an IT Departments aspect HIPAA/HITECH is to control who can see what data depending on their job position, tracking data, and monitoring data. Also protecting stored data and data while it is being transferred through encryption. Access controls and processes also need to be set up.
  2. 2. What is cloud Computing? • cloud computing has been driven by the benefits, the cheapest purveyor of application hosting, storage, infrastructure, huge cost savings with low initial investment, elasticity and scalability, ease of adoption, operational efficiency, on-demand resources. • the cloud of computers extend beyond a single company or entity. the application and data served by cloud are available to broader group of users, cross enterprise, and cross platform. • access is via internet. any authorized user can access these documents, application from any computer over the internet. • access pay-as-you-go manner .
  3. 3. GENERATION OF HPC
  4. 4. Compliance and Audit in cloud • Compliance is a Conformance with an established standard, specification, regulation, or law. Various types of privacy regulations and laws exist within different countries at the local and global levels, making compliance a potentially complicated issue for cloud computing. • HIPAA in the US is just compliance issues affecting cloud computing, based on the type of data and application for which the cloud is being used. Maintaining and proving compliance when using cloud computing. • Audit is well positioned through its role as an assurance function to help management and the board identifies and considers the key risks of leveraging cloud computing technology.
  5. 5. HIPAA RULES
  6. 6. COMPLIANCE SECURITY
  7. 7. • The traditional cryptographic technologies for data integrity and availability, based on Hash functions and signature schemes. 1. Firstly, traditional cryptographic cannot work on the outsourced data. it is not a practical solution for data validation by downloading them due to the expensive communications, especially for large size files. 2. Secondly, Cloud Computing is not just a third party data warehouse. The data stored in the cloud may be frequently updated by the users, including insertion, deletion, modification, appending, reordering, etc.
  8. 8. In a Corporate world there are large number of client who accessing their data and modifying a data. To manage this data we use third party auditor (TPA), that will check the reliability of data but it increases the data integrity risk of data owner. Since TPA not only read the data but also he can modify the data, therefore a novel approach should be provided who solved this problem. In this thesis we first examine the problem and new potential security scheme used to solve this problem. Our algorithm encrypt the content of file at user level which ensure the data owner and client that there data are intact. 1.Protect the data from unauthorized access. 2.Ensure that our data are intact. 3.Solve the problem of integrity, unauthorized access, privacy and consistency.
  9. 9. modules 1. Client Module: In this module, the client sends the query to the server. Based on the query the server sends the corresponding file to the client. 2. System Module: • User: Users, who have data to be stored in the cloud and rely on the cloud for data computation, consist of both individual consumers and organizations. • Cloud Service Provider (CSP): A CSP, who has significant resources and expertise in building and managing distributed cloud storage servers, owns and operates live Cloud Computing systems,. • Third Party Auditor (TPA): An optional TPA, who has expertise and capabilities that users may not have, is Trusted to assess and expose risk of cloud storage services on behalf of the users upon request.
  10. 10. ALGORITHM
  11. 11. screen shots Eucalyptus Private Cloud Setup
  12. 12. Admin Console
  13. 13. E-mail Confirmation
  14. 14. User Console
  15. 15. Audit Logs
  16. 16. Client request to csp
  17. 17. Cloud Server Login
  18. 18. Verify password if correct send a file that he wants to access
  19. 19. Conclusion • Creating a cost-effective and secure system design when the adversary owns the data is extremely challenging. • To protect the data from unauthorized access and ensure that our data are intact. • Solve the problem of integrity, unauthorized access, privacy and consistency.

×