Businesses large and small are hurdling faster and faster to cloud computing. The reasons are clear. Cloud computing offers the scalability, flexibility and cost advantages needed to help businesses stay competitive during these challenging economic times. The healthcare industry is no exception. In fact, hospitals, health providers and agencies that provide and coordinate care are perhaps facing the greatest challenges of all as they are being asked to improve care quality, care for more people and do so at lower cost. But for an industry with sensitive and very personal health information, do cloud services provide the privacy and security of data that healthcare organizations absolutely must have?
To answer this question, my colleagues at Microsoft have published a new whitepaper called “Addressing HIPAA Security and Privacy Requirements in the Microsoft Cloud”. If you are charged with setting the ICT strategy for your healthcare organization, this whitepaper is a must read. Here’s an overview from the whitepaper’s executive summary.
Organizations operating in the healthcare industry are continuously under pressure to use resources as efficiently as possible. They must provide innovation in patient care products and services enabled by advances in IT, and do so while maintaining compliance with an increasing burden of privacy and security regulations such as those posed by the Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health (HITECH). Deploying Microsoft cloud and cloud enabled hybrid solutions can give these organizations a method of focusing on patient care, while cost effectively consuming IT services, whether they are end-user applications or raw computing resources. On Microsoft’s cloud, these solutions would use IT services as compliance enabling, secure, flexible and scalable utilities, rather than resource intensive, on-site, capital expenditures requiring on-going service and maintenance. Bottom line, the cloud gives healthcare organizations the opportunity to improve quality of care, access to care, increase services, and to reduce costs. This whitepaper is aimed at business decision makers and IT managers at Covered Entities (hospitals, health plans, clearinghouses) and their Business Associates (defined by HIPAA as organizations that handle electronic Protected Health Information - ePHI). It provides a brief overview of regulation requirements, a detailed analysis of how Microsoft’s cloud services were built with methodologies that map to those requirements, and guidance on how specific offerings can be incorporated by covered entities and their business associates into solutions that meet ongoing compliance needs that are subject to change over time.
To read more: Download the new Whitepaper (PDF)
Bill Crounse, MD Senior Director, Worldwide Health Microsoft