Blog December 1, 2016

HIPAA Compliant Azure Hosting and the Business Associate Agreement

All healthcare organizations in the U.S., or any organization that has access to protected healthcare information (PHI), must adhere to the guidelines of both the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health Act (HITECH). It’s important to employ best practices, since HIPAA requirements are vague and some can be overlooked.

In many cases, for a healthcare company to use a service like Microsoft Azure, their service provider must provide a written agreement called a Business Associate Agreement (BAA) to adhere to certain security requirements set out in HIPAA and the HITECH Act. Azure does include features to help enable your privacy and security compliance, but you are ultimately responsible for ensuring that your Azure environment complies with HIPAA and other regulations.

When considering placing PHI in Azure, it’s important to know that Azure is certified according to physical, technical, and administrative safeguards that make up HIPAA. It provides a compliant foundation for healthcare industry organizations, but it’s your responsibility to sign a BAA with your service provider outlining these services. The BAA ensures that your organization will leverage Azure services while adhering to HIPAA compliance.

Connectria provides a BAA to all customers, especially those with a HIPAA Compliant Hosting plan. For instance, ePreop, a Connectria customer since 2009, decided to move their HIPAA compliant platform to Azure. They chose Azure because of its scalability and global data center footprint. As a software company whose Software as a Service (SaaS) platform assists in care coordination of surgical patients, they had to ensure that their Azure environment remained HIPAA compliant.

After evaluating the benefits of Microsoft Azure, including integration, credibility, and customization, ePreop decided to sign a BAA with Connectria for our HIPAA compliant services on Azure. The BAA will ensure our services and will benefit the company through reduced time, cost, and risk; audited security controls and processes; SaaS support; and a dedicated compliance team.

If you have any questions regarding HIPAA compliance, Microsoft Azure, or any of Connectria’s services and solutions, please contact us.
