Next-Generation Technologies & Secure Development
Cloud Computing in Healthcare: Key Security Issues
Cloud computing has drawn a great deal of attention as a way to reduce IT costs in healthcare. But are the companies that offer cloud computing well-prepared to meet the HIPAA privacy and security requirements?
Join us for this exclusive session, where you'll gain an in-depth understanding of issues relevant to all healthcare organizations, including:
- Working with cloud vendors to address key information security and privacy compliance issues;
- Strategies for satisfying HIPAA privacy and security legal requirements "in the cloud;"
- The impact of the pending modifications to the HIPAA privacy and security rules, in addition to the HITECH Act rules.
As hospitals and clinics alike consider their options for adding new applications in a hurry, on a tight budget or lacking necessary resources, many are considering the cloud computing option.
With the HITECH EHR incentive payment program kicking into high gear, organizations are feeling pressure to devise ways to roll out new systems quickly so they can earn the maximum payments from Medicare and Medicaid.
But cloud computing presents special risks, particularly with respect to privacy and security. And many vendors, unfortunately, do not appear to fully understand the importance of addressing these risks as healthcare organizations work to comply with the updated HIPAA privacy and security rules. One of the requirements for receiving EHR incentive payments is to perform a risk assessment, and then appropriately remediate the identified risks.
Healthcare organizations considering cloud computing need to carefully consider the risks before taking the plunge, and then take the right steps to obtain adequate due diligence protection.
In this session, a healthcare security and privacy compliance expert will offer a clear, detailed explanation of key issues, including:
- Cloud computing safeguards necessary to satisfy HIPAA and other privacy and security requirements, including such strategies as using "private clouds" and restricting data to servers in the United States;
- The impact of the pending modifications to the HIPAA privacy and security rules, in addition to the HITECH Act rules, including new standards for accounting for disclosures, on the decision about using cloud computing;
- The negotiation of a HITECH-compliant business associate agreement with the cloud vendor;
- How to effectively obtain assurance that cloud vendors are in compliance with HIPAA and HITECH;
- Metrics to use to determine that vendors maintain compliance on an ongoing basis;
- Performance issues, including availability of data and services;
- Increased complexity of e-discovery if processes and/or data storage are handled using cloud computing;
- The handling of the transition to another cloud vendor or back to the health care organization without disruption of operations or conflicting claims to the data.
This webinar is available OnDemand.
You might also be interested in …