Complying with HIPAA privacy, security and enforcement rules to safeguard protected health information (PHI) in the cloud is more top of mind than ever for healthcare organizations. The 25th Annual HIMSS Leadership Survey revealed that achieving Meaningful User (MU) Stage 2 and improving security systems continue to be the among the top business issues and IT infrastructure priorities for healthcare leaders. With MU deadlines pending – and the possibility of penalties looming – the stage is being set for serious action towards regulatory compliance in the coming months and years.
But what exactly is MU Stage 2? Did I miss Stage 1? And furthermore, who is monitoring whether or not I comply with the MU Stage 2? These questions – and more – are keeping many a healthcare leader up at night.
One question that has been answered, at least partially, is what the penalties will be for violating HIPAA regulations. Recent examples include:
- New York Presbyterian Hospital (NYP) agreed to pay $3.3 million to settle potential HIPAA violations, and will adopt a corrective action plan to evidence their remediation of these findings.
- Columbia University agreed to settle potential HIPAA violations including a $1.5 million monetary settlement and corrective action plan to address deficiencies in its HIPAA compliance program.
But even with these high-profile cases splashed across the media, many healthcare organizations still may not fully understand how HIPAA compliance translates into safeguarding PHI. The situation can become even more confusing when these organizations try to sort out compliance standards when working a business associate (BA) such as a cloud hosting provider.
At HOSTING, we asked our staff of HIPAA compliance experts – including healthcare IT veterans, certified ITIL engineers and support professionals – to compile a list of questions frequently asked about HIPAA Compliance in the cloud with straightforward answers. Click through to access our newly published HIPAA Compliance FAQs.
While these HIPAA Compliance FAQs will likely answer many of your questions, please do not hesitate to contact us if you would like further details.