Hosting a website or service that adheres to HIPAA guidelines requires HIPAA compliant hosting. The Health Information Technology for Economic and Clinical Health Act (HITECH) was signed into law in 2009 and increases the scope of protections for individuals while increasing penalties against healthcare providers that do not implement a proper system to manage electronic health records. Simply put, HIPAA compliant web hosting involves technological safeguards that include methods of protecting, storing, disseminating and sharing electronic information across multiple platforms, servers, and devices.
Can I manage the hosting myself?
Negligence of HIPAA compliance can result in fines that range from $10,000 to $50,000 up to a maximum of $1.5 million per violation per year. These numbers can be daunting for smaller healthcare providers to shoulder. This has created a greater incentive to ensure adequate hosting is in place.
Organization size and available resources can affect the ability to install and maintain a HIPAA compliant hosting solution in-house. In this case, these particular organizations must look to a third-party for a HIPAA compliant hosting solution that fits their budget, while meeting the requirements of the law.
HIPAA hosting compliance checklist
Whether handling web hosting internally or outsourcing to a HIPAA compliant hosting service provider, HIPAA HQ provides a helpful list of areas to account for, including:
- Documented data management, security & training plans
- A system of developing unique user IDs, passwords and procedures for login/logout
- Established and documented policies for the storage, transfer, disposal, and reuse of data
- Policies in place to address data transmissions over the internet, through email, private networks, and clouds
- Offsite backup or IT disaster recovery methods
How can Giva help?
Giva makes HIPAA compliance worry-free. The data center, hardware and software infrastructure of Giva's cloud help desk software was specifically designed to meet strict HIPAA compliance regulations. So, what can Giva offer your organization?
- Data encryption
- Onsite & offsite encrypted backups
- Physical, logical & network access controls
- Vulnerability management & logging
- Defined, tested security policies & procedures
Visit our website to learn more about Giva's HIPAA compliant software.