Windows Azure and HIPAA Compliance

First I would say it is a very delicate matter to discuss HIPAA compliance as definition and standards goes across many boundaries. Both the application and the infrastructure where the application is running defines the aspect of HIPAA compliance. HIPAA uses the concept of Business Associate and Service Provider as defined in HITECH Act, and ancillary Federal Register rules. Running a HIPAA compliance application requires every piece of information verified & stored and every action with the data is recorded and audited. HIPAA compliance means security, privacy, accountability, auditing and many more things. Any healthcare applications which must have HIPAA / HITECH Act compliance may not be suitable on Windows Azure completely. However it is possible that you can combine Windows Azure and other technologies which are HIPAA approved to create a hybrid solution.