Share, , Google Plus, Pinterest,

Print

Posted in:

The Clock is Ticking on Your Cloud Vendors

Who: www.HealthcareITNews.Com

What: All organizations have a business imperative to control risk.  For healthcare companies that corporate responsibility extends to the protection of ePHI within their organization. The HIPAA Omnibus rule outlines this responsibility with a refined definition of responsible parties, notably your outsourced storage vendors and subcontractors.This final rule is a call to action, with a six month timeline (September 23, 2013 being the compliance date), to make sure your vendor relationships for cloud computing and hosted data storage are with a company who will stand behind their security controls and oversight with a Business Associate Agreement (BAA).

Why: It’s important to understand that, with the new rule, you need to demonstrate that you have performed due diligence when it comes to the protection of patient health information as it relates to your business associates – as well to any subcontractors that work for them.

 

 

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.