ISO 27001 | SSAE 18 SOC 2 Certified Sales: 317.275.0021 NOC: 317.275.0001
Data Centers for the Health Care Industry: HIPAA Compliance
Did you know that if the private health care your company maintains data is not protected, it could result in a loss of up to $1.7 million in federal fines? Astonishing as it sounds, this is the hard truth that many health care providers and data centers are dealing with today. The U.S Office for Civil Rights (OCR) has recently defined 169 specific performance criteria, non compliance of which can result in an extremely costly affair. The violation of the HITECH Act can lead to fines in the range of $100 to $50,000 for first time violations and can also go up to $1,500,000 in the event of repeated violations.
The HIPAA security rule lays guidelines regarding the availability, integrity and confidentiality of electronic protected health information (ePHI). Some of the dos and don’ts as per the guidelines are:
- The same policies, governance standards, risk management procedures being followed by health care providers should be followed by the data centers as well.
- Privacy and security of electronic data are of key importance.
- It is important for covered health care entities to have contracts with their business associates, in this case the data centers. The contracts need to make the data centers responsible for the protection of the health care information that is received, transmitted, created or maintained on behalf of the covered entities.
- Data center staff needs to be trained for security awareness and adherence to HIPAA compliance guidelines.
- Ideally, the data center must provide an independent report on HIPAA compliance. If this is not as per the contractual arrangements then the covered entities will need to ensure HIPAA compliance at their data centers which can incur a significant cost.
By outsourcing your data management requirements to co-located data centers, you get access to expert know-how and compliance adherence leading to a significant return on investment. For consulting the right industry experts in HIPAA compliant data centers, do visit https://lifelinedatacenters.com/ and treat yourself to the best solutions in this domain.
Alex Carroll
Managing Member at Lifeline Data Centers
Alex, co-owner, is responsible for all real estate, construction and mission critical facilities: hardened buildings, power systems, cooling systems, fire suppression, and environmentals. Alex also manages relationships with the telecommunications providers and has an extensive background in IT infrastructure support, database administration and software design and development. Alex architected Lifeline’s proprietary GRCA system and is hands-on every day in the data center.
