Is The Cloud Right For Your Healthcare Practice, Organization Or Facility?

Is The Cloud Right For Your Healthcare Practice, Organization Or Facility?

Manuel W. Lloyd

Last updated October 17, 2018


Despite the fact that the cloud offers healthcare providers, facilities and organizations substantial relief and efficiency, the industry has been slow to transition data to cloud storage. Most of this apprehension can be traced to concern about remaining HIPAA compliant in the cloud and the sometimes-literal life and death need for constant data accessibility. 

But as the healthcare sector converts from paper medical records to electronic health records by the government mandated deadline, the benefits of cloud-based solutions are becoming increasingly difficult to overlook. 

Now that data center operators and cloud service providers are more definitively classified as Business Associates with recent HIPAA modifications, the healthcare industry is turning to external vendors at an unprecedented rate.

For healthcare technology decision makers, it’s important to remember that a signed Business Associate Agreement (BAA) between you and a cloud-service provider doesn’t absolve you from responsibility in the event of a data breach. You’re still entrusting an external vendor with highly confidential digitized patient data and your overall reputation. This shared accountability must be considered as you choose a cloud vendor.

Here are a few suggestions to ensure you don’t get shark bit in these unchartered waters:

Be Thorough in Your Vetting Process

Do your homework to make sure that the vendor’s services are up to par with the needs of your office, organization, or facility. Having the vendor complete an extensive questionnaire is a good way to assess their capabilities and gauge their comprehension of audits, encryption, and data security.

Stress the Importance of HIPAA Compliance and Hold Them Accountable

Ideally, your vendor has worked in the healthcare industry before and comprehensively understands HIPAA requirements. If your vendor is inexperienced with this vertical and these regulations, their responsibilities when it comes to HIPAA compliance must be clearly communicated and understood.

Oversight remains your responsibility, and you must ensure they’re ready to comply before proceeding entirely. Be sure that line items for data recovery, data replication and backup solutions, and penalties for unplanned outages are ironclad and clearly agreed upon before signing a contract with any vendor.

Always remember that any cloud service provider you use should willingly sign a BAA to confirm shared accountability as a business associate. If they refuse to sign a BAA, it is best to seek out another vendor.

These are just a few suggestions for healthcare providers and facilities entering the cloud realm for the first time. Careful deliberation when choosing a cloud service provider and a well thought out plan of action will go a long way toward ensuring security and data integrity and availability.

Find our AWS Solution Architect Online Classroom training classes in top cities:

Name Date Place
AWS Solution Architect 5 Apr -3 May 2019, Weekdays batch Your City View Details
AWS Solution Architect 15 Apr -30 Apr 2019, Weekdays batch New York City View Details
AWS Solution Architect 27 Apr -25 May 2019, Weekend batch Dallas View Details

About the Author

Founder and entrepreneurial Virtual CIO of Manuel W. Lloyd Consulting, the author specializes in IT service operational efficiency for healthcare organizations. Manuel honed his skills in the USMC directly for President Ronald Reagan at Camp David.

Recommended articles for you

AWS Vs. Azure: Which One’s Right for Your Cloud Career?


AWS Reinvent Reinforces the Growth of Cloud Computing


6 Reasons a Microsoft Azure Certification is the Secret to a...