Showing results for "HIPAA".
May 24, 2017
HIPAA Compliance at the Application Level
While HIPAA Compliance at the infrastructure level is heavy on technology, HIPAA Compliance at the application level is more of a blend of technology and policy.
Kris Gösser
Former Chief Marketing Officer
hipaa healthcare cloud
September 5, 2018
SOC 2 Type II Compliance for Cloud Computing
At Datica, we are often asked about SOC 2 Type II and how it relates to HIPAA and HITRUST. This article is to help explain how a SOC 2 Type II audit compares to HIPAA compliance and other regulatory audits in the United States.
Matt Taylor
Former Director of Marketing
compliance hitrust cloud computing
February 8, 2018
What is GxP?
GxP stands for "Good Practice" and is a set of operational controls for Life Sciences organizations working within the confines of the FDA. Learn more about GxP compliance.
Kris Gösser
Former Chief Marketing Officer
gxp
June 7, 2019
Amazon ElastiCache for Redis HITRUST CSF Configuration Guide
This step-by-step guide gives developers easy-to-understand instructions to configure Amazon ElastiCache for Redis instances to be HITRUST CSF ready. In the following sections we walk through the requirements, controls, and configurations for ElastiCache for Redis.
Ryan Rich
Former Chief Product Officer
aws hitrust hipaa
August 28, 2020
What is Protected Health Information (PHI)?
The acronym PHI stands for Protected Health Information. An individual's PHI is data on health status, provision of health care, or payment for health.
Ty Hollins
Former Information Security Officer
hipaa phi
January 9, 2018
What is a Data Breach under GDPR and HIPAA?
What is the definition of a security incident and data breach under HIPAA and GDPR and how do they compare? This article breaks down the key terminology.
Travis Good, MD
Co-founder & Former Chief Technology Officer
gdpr
October 2, 2018
AWS RDS Guide - How to configure RDS to comply with HIPAA and HITRUST
This guide is intended to give developers an easy to understand, step by step runbook for configuring their AWS RDS instance to be HITRUST CSF ready. In the following sections we’ll walk through the requirements, controls, and configurations for RDS.
Ryan Rich
Former Chief Product Officer
aws hipaa hitrust
October 2, 2018
Azure Cosmos DB Guide - How to configure Cosmos DB to comply with HIPAA and HITRUST
This guide is intended to give developers a simple way to configure their Cosmos DB service to be HITRUST CSF ready. In this guide we’ll walk through the requirements, controls, and configurations for Azure Cosmos DB.
Ryan Rich
Former Chief Product Officer
compliance hipaa microsoft
October 2, 2018
Google Cloud SQL Guide - How to configure GCP Cloud SQL to comply with HIPAA and HITRUST
This guide helps developers configure their Google Cloud SQL instance to be HITRUST CSF ready. It covers requirements, controls, and configurations for GCP Cloud SQL.
Ryan Rich
Former Chief Product Officer
cloud computing hipaa compliance
January 5, 2018
GDPR for Cloud Service Providers (That's You!)
Cloud Service Providers doing business in the EU are Processors under GDPR—it's kind of like being a HIPAA Covered Entity in the U.S. Read more on GDPR Service Providers.
Kris Gösser
Former Chief Marketing Officer
gdpr
April 10, 2018
Business Associate Agreements
With ePHI access, business associates are required to sign a HIPAA business associate agreement (BAA). Learn more about business associate agreements here.
Travis Good, MD
Co-founder & Former Chief Technology Officer
hipaa
February 8, 2018
GxP and Business Associates: Does it exist like HIPAA?
GxP does not have the concept or BAAs or contracts that outline risk like HIPAA does. There is no concept of inheritance or chaining liability. Learn more here.
Kris Gösser
Former Chief Marketing Officer
gxp
May 10, 2018
What is HITRUST?
HITRUST certification by the HITRUST Alliance enables vendors and covered entities to prove HIPAA compliance based on a standardized framework.
Travis Good, MD
Co-founder & Former Chief Technology Officer
hitrust
October 11, 2020
The HIPAA Privacy Rule
The HIPAA Privacy Rule is important to understand because it explains the types of data, covered entities, and uses of data HIPAA is concerned about.
Dave Levin, MD
Co-Founder and Former Chief Medical Officer
hipaa privacy phi
August 30, 2018
HIPAA and Encryption
HIPAA encryption strategy is another factor of HIPAA compliance, whether HIPAA SSL, data at rest, Filevault2, firewall encryption, or more.
Ryan Rich
Former Chief Product Officer
hipaa
April 16, 2018
Why HIPAA is not PCI
This post discusses HIPAA and different types of hosted infrastructure options, answering the question of why HIPAA is not PCI.
Travis Good, MD
Co-founder & Former Chief Technology Officer
hipaa
June 14, 2018
HIPAA Contingency Planning + Disaster Recovery
Business associates and subcontractors need a HIPAA disaster recovery contingency plan in place to maintain the integrity of ePHI in case of a disaster.
Travis Good, MD
Co-founder & Former Chief Technology Officer
hipaa
June 28, 2018
HIPAA Auditing and Logging
If you're going through a HIPAA security audit by a hospital or payer compliance office, auditing and logging will show that your application is secure.
Ryan Rich
Former Chief Product Officer
hipaa
August 16, 2018
HIPAA, Subcontractors, and BAAs
The major part of security in healthcare is HIPAA, and the HIPAA rules changed in late 2013 with the new HIPAA Omnibus that adds subcontractors entities.
Travis Good, MD
Co-founder & Former Chief Technology Officer
hipaa
January 12, 2018
HIPAA and Multi Tenancy
What exactly is multi tenant cloud and does Datica Compliant Cloud offer a multi tenant environment?
Ryan Rich
Former Chief Product Officer
hipaa
January 12, 2016
HIPAA Risk Assessment and Management
A risk assessment – a HIPAA requirement – is the first thing to do since it frames many decisions you'll make regarding your security posture.
Travis Good, MD
Co-founder & Former Chief Technology Officer
hipaa
October 29, 2020
The Who and How of HIPAA Enforcement
Learn about HIPAA enforcement, including who is responsible for enforcing HIPAA violations and compliance, and the fines for violating HIPAA.
Rick Wattras
Engineering Director
hipaa security hipaa privacy
July 23, 2018
HIPAA Data Retention Requirements
HIPAA requires that business associates and covered entities retain multiple types of data for at least six years. Learn what data you need to retain.
Ty Hollins
Former Information Security Officer
hipaa
March 21, 2018
HIPAA 101 A primer
The HIPAA acronym stands for the Health Insurance Portability and Accountability Act. This HIPAA primer covers HIPAA 101 basics, meaning, entitities, etc.
Travis Good, MD
Co-founder & Former Chief Technology Officer
hipaa
April 19, 2018
Proving HIPAA Compliance
HIPAA attestation is everywhere but are they really compliant? Companies can self-attest to HIPAA compliance because there are no HIPAA certifications.
Travis Good, MD
Co-founder & Former Chief Technology Officer
hipaa
October 27, 2020
HIPAA and Data Breaches
Understanding the HIPAA breach policy and having a breach notification checklist can prepare you in case of unauthorized disclosure of ePHI.
Brietta Hoel
Engineering Product Lead
hipaa cloud-compliance
January 10, 2018
GDPR Data Breach Notification Checklist
This GDPR data breach notification checklist outlines the steps that should be orchestrated by your data protection officer to ensure GDPR compliance.
Travis Good, MD
Co-founder & Former Chief Technology Officer
gdpr