The Windows Azure team has announced that Windows Azure now enables HIPPA compliance. Microsoft now offers a HIPAA BAA to our EA (Enterprise Agreement/volume licensing) customers and partners in the health industry.
The announcement was made on the Windows Azure team blog post Security, Privacy & Compliance Update: Microsoft Offers Customers and Partners a HIPAA Business Associate Agreement (BAA) for Windows Azure.
Scott Vidich explained, “I’m pleased to announce that we have achieved the most important compliance milestone for our health customers: enabling the physical, technical, and administrative safeguards required by HIPAA and the HITECH Act inside Windows Azure core services, and offering a HIPAA BAA to our EA (Enterprise Agreement/volume licensing) customers and partners in the health industry.”
The Windows Azure Trust Center explains how a HIPAA BAA that includes Windows Azure breach monitoring and notification at the platform level for the following core services:
- Cloud Services (Web and Worker roles)
- Storage (Tables, Blobs, Queues)
- Virtual Machines (Infrastructure-as-a-Service)
- Networking (Windows Azure Connect, Traffic Manager, and Virtual Network)
The existence of Windows Azure BAA means that covered healthcare entities can now leverage Windows Azure core services in a pure public cloud platform, as well as a hybrid cloud configuration that extends their existing on premises assets and investments through the public cloud.
For more information about how health organizations can leverage cloud services to dramatically lower IT costs and drive greater productivity and collaboration, visit Microsoft in Health blog.
Bruce D. Kyle
Technical Evangelist | Microsoft Corporation