As HIPAA practices have been law over recent years, every patient can breathe a sigh of relief that their information is secure as well as protected. When files were kept on paper as opposed to digitally, it was simple to protect the files without real worry that the data would be compromised.
As we have moved into the digital age, however, doctor’s offices and hospitals that have many patients could not possibly store the wealth of data concerned with every patient on-site. For this reason, cloud storage has become exceedingly important, in all areas of business, not just within medicine. However, how safe is a cloud?
Let’s take a look at further steps that a medical practice or hospital can take to ensure that information is being protected. Last week we began with inventory of the PHI, and this week we will talk about a BAA.
A BAA is an agreement that a cloud host will provide to the medical practice to ensure that all of the information is being protected. If the host does not agree to sign a BAA, then the data is clearly not protected under the directives in the 2013 HIPAA Omnibus Final Rule. Every BAA that is signed must declare several things. These things include, but are not limited to: ensuring that all PHI is controlled and that its disclosure is limited, using safeguards to protect cloud-stored data which is clearly outlined in the HIPAA Privacy and Security Rules, the report of any compromise of data immediately to the healthcare provider, and the provision to allow any patient to securely access their own data. This is usually performed by a chain of contact between the medical practice and client, but the host must provide the means in order to do so. A host must also destroy all PHI when the contract has ended, expired, or is terminated by either party.
If you are worried about the safety of your data when it comes to cloud storage within a medical practice or simply cloud storage in general, it’s time to turn to a cloud storage provider that has all of your safety and security in mind. Look to Biztek Solutions, Inc. to help with PHI data storage and any other data needs or concerns. To find out more about how we can help with protecting HIPAA information within a cloud, call us today at (800)353-5430 so we can help turn your problems into solutions.