blog Everything You Need To Know About Amazon's Relational Database Service Relational Database Service (RDS) is one of the most popular tools offered by AWS – let's break down why. Plus, get resources for success with RDS. Nov 2nd, 2021
blog 3 Essential Elements Of A HIPAA Policy and Procedures Template Learn how a policies and procedures template protects your business and the 3 essential elements your template should include. Oct 26th, 2021
blog 5 Ways Cloud Computing Is Transforming Healthcare The cloud is a fantastic technology, but you need to use it responsibly to improve patient outcomes. Learn more about how it is transforming healthcare. Oct 19th, 2021
blog 5 Steps To Write Solid HIPAA Policies and Procedures Not sure how to write HIPAA policies and procedures for your business? Get started with these 5 steps. Oct 12th, 2021
blog Everything You Need to Know About HITRUST Certification If you’re looking for a way to differentiate your business and show the world that you take cybersecurity seriously, go after a HITRUST certification. Let’s dig into the basics of HITRUST & 5 steps to certification. Oct 5th, 2021
blog What is the HITRUST Framework? Most don't realize HITRUST is not a framework at all, but an organization comprised of healthcare industry leaders. Let's dive into the HITRUST CSF Framework, developed by the HITRUST organization, in partnership with other technology and information security leaders. Aug 31st, 2021
blog The 12 Key Requirements for PCI Compliance Follow these 12 simple PCI requirements to protect your customers, avoid fees, and grow your business. Aug 26th, 2021
blog AWS HIPAA Compliance: 5 Best Practices It’s your responsibility to follow HIPAA requirements while using AWS. Use these five best practices to enjoy the convenience of AWS while staying HIPAA compliant! Aug 24th, 2021
blog What is PCI Compliance, and Why is It Important? Learn more about what PCI compliance means and five reasons it’s beneficial for both your business and your customers. Aug 19th, 2021
blog HIPAA Compliance Audit: 5 Steps to Ensure You're Prepared Avoid the fines, lawsuits, and PR headaches that come with data breaches and failed audits. Follow these five steps to ensure you’re prepared for your next HIPAA audit. Aug 17th, 2021
blog SOC 2 Compliance Checklist The SOC 2 compliance process takes several months, and it’s not a process to take lightly. Follow these steps to assess your readiness, prepare for an audit, and earn your SOC 2 certification. Aug 10th, 2021
blog What is SOC 2? The Complete Guide to SOC 2 Compliance + Checklist If you store any kind of customer data in the cloud, you need to follow the System and Organization Control 2 (SOC 2) standards. Learn how SOC 2 works and five essential best practices you should follow to stay compliant. Aug 10th, 2021
blog Guide to Understanding HITRUST Datica walks you through the basics of HITRUST, how much it costs, why it's important, and why it should be on your radar in the future. Jun 29th, 2021
blog HIPAA & HITRUST Self-Assessment This lightweight self-assessment worksheet illuminates the cloud compliance requirements of HIPAA that you need to plan for in your own digital health product. Jun 29th, 2021
blog HIPAA Compliance at the Application Level HIPAA compliance at the application level is different than the infrastructure level. This comprehensive guide explains HIPAA considerations for digital health applications. Jun 29th, 2021
blog Understanding HIPAA compliance This guide will walk you through important definitions and concepts, building on previous learnings. You will emerge armed with a basic understanding of HIPAA's purpose and rules, your obligations, and ways to address compliance. Jun 29th, 2021
blog Understanding the Total Cost of Ownership of Cloud Compliance In this guide are tested formulas and directional advice from the compliance and cloud experts at Datica on how to measure and manage the total cost of ownership to achieve compliance in the cloud. Jun 29th, 2021
blog What does HIPAA stand for? What does HIPAA stand for? We break it down for you here. Jun 29th, 2021
blog HIPAA and Data Breaches Understanding the HIPAA breach policy and having a breach notification checklist can prepare you in case of unauthorized disclosure of ePHI. Jun 23rd, 2021
blog What’s an Application Developer's Responsibility for HIPAA? To get started down that road to HIPAA compliance, application developers first need to understand the basic categories of HIPAA controls and which ones apply to them. Sep 16th, 2020
blog 50 Best HIPAA-Compliant Cloud Storage Solutions Our list of the 50 best HIPAA-compliant cloud storage solutions will help you find the best solution with the functionality and features for your business. Sep 12th, 2020
blog What is Protected Health Information (PHI)? The acronym PHI stands for Protected Health Information. An individual's PHI is data on health status, provision of health care, or payment for health. Aug 28th, 2020
blog 3 Common Misconceptions About Business Associate Agreements HIPAA outlines the types of entities that are covered but the further down the line a subcontractor gets from a covered entity, the more confusion there is. Aug 10th, 2020
blog Top 50 Health IT Conferences to Attend in 2020 To make it easier for you to plan your conference attendance schedule for 2020, we’ve compiled our picks for the 50 must-attend health IT conferences. These events are designed to connect healthcare professionals working in a variety of unique disciplines, touching on hot-button topics for today’s healthcare organizations. Mar 20th, 2020
blog 5 Steps to HITRUST CSF Certification Complying with HIPAA and proving it are two very different things. Let us show you the 5 Steps to HITRUST CSF Certification. Feb 18th, 2020
blog Cybersecurity Conferences to Attend in 2020 Considering attending a few cybersecurity conferences this year, but not sure which would be worthwhile to attend? Well, look no further. We pulled together our list of the top 14 cybersecurity conferences that you should consider attending in 2020. Feb 12th, 2020
blog What is the Cost of HITRUST CSF Certification in 2020? The costs for a HITRUST Certification in 2020 have gone up as the HITRUST CSF has evolved and become more complex. Jan 29th, 2020
blog How long to keep medical records under HIPAA? Guess what? HIPAA doesn't say how long you have to keep medical records. This is a common misconception of HIPAA data retention policy. Jan 16th, 2020
blog What is HITRUST? HITRUST certification by the HITRUST Alliance enables vendors and covered entities to prove HIPAA compliance based on a standardized framework. Jan 16th, 2020
blog How to Comply When You Receive a HIPAA Breach Notification A HIPAA breach isn't beneficial for any parties involved, but that doesn't mean you can't prepare in advance to comply in the event a breach does happen. Dec 18th, 2019
blog What Are HITRUST Requirements? The HITRUST CSF is a framework designed and created to streamline regulatory compliance. Companies that implement HITRUST CSF controls and strive to meet HITRUST requirements are better equipped for audits and lower their regulatory risk, but what are those requirements? Nov 21st, 2019
blog What is a HITRUST CSF Self-Assessment? Here’s what you need to know about the HITRUST CSF Self-Assessment, how it works, and how to determine if the self-assessment option is sufficient for your organization. Nov 21st, 2019
blog Who is HITRUST CSF Certified? The HITRUST certification is the highest Degree of Assurance a company can obtain. The HITRUST certification is increasingly required of business associates by some entities, such as health insurance providers, in order to ensure that business associates have the adequate security controls and protections in place to protect sensitive personal data. Nov 21st, 2019
blog HIPAA vs HITRUST HITRUST and HIPAA are two critical topics in healthcare, but do you know how they differ? Let's break it down and explore additional resources to learn more. Nov 11th, 2019
blog 4 Ways Big Data is Transforming Healthcare Analytics Big data and advanced analytics are poised to drive innovation across healthcare. Here are four ways that big data is already transforming analytics, what a big data driven healthcare may look like in the future, and some of the pressing challenges facing healthcare analytics. Oct 7th, 2019
blog 51 Best Healthcare IT Blogs You Should be Reading To help you find the best, most up-to-date, insightful blogs from health IT professionals, clinicians, and leading journalists in the health IT space, we've rounded up a collection of 50 must-read blogs. Oct 3rd, 2019
blog What is the cost of a HIPAA audit? The cost of a HIPAA audit depends on audit type – HIPAA gap assessment, full HIPAA audit, or validated HITRUST assessment – and indirect costs like time. Sep 23rd, 2019
blog Business Associate Agreements With ePHI access, business associates are required to sign a HIPAA business associate agreement (BAA). Learn more about business associate agreements here. Sep 16th, 2019
blog HIPAA and Encryption HIPAA encryption strategy is another factor of HIPAA compliance, whether HIPAA SSL, data at rest, Filevault2, firewall encryption, or more. Sep 16th, 2019
blog HIPAA Compliance at the Application Level While HIPAA Compliance at the infrastructure level is heavy on technology, HIPAA Compliance at the application level is more of a blend of technology and policy. Sep 16th, 2019
blog HIPAA Data Retention Requirements HIPAA requires that business associates and covered entities retain multiple types of data for at least six years. Learn what data you need to retain. Sep 16th, 2019
blog HIPAA Risk Assessment and Management A risk assessment – a HIPAA requirement – is the first thing to do since it frames many decisions you'll make regarding your security posture. Sep 16th, 2019
blog HIPAA, Subcontractors, and BAAs The major part of security in healthcare is HIPAA, and the HIPAA rules changed in late 2013 with the new HIPAA Omnibus that adds subcontractor entities. Sep 16th, 2019
blog SaaS, PaaS, IaaS; What's the Difference? As healthcare increasingly turns to cloud infrastructure, you might want to get to know the different service delivery models — SaaS, PaaS, and IaaS. Sep 16th, 2019
blog The Importance of Business Associate Agreements (BAAs) Simply put, a Business Associate Agreement (BAA) defines responsibility, and thus liability, with respect to the handling of PHI data. Sep 16th, 2019
blog What are the Benefits of Cloud Computing in Healthcare? The digitization of healthcare is occurring at a blistering pace – take a second to familiarize yourself with a few key concepts. From superior data security to enabling big data applications, the benefits of cloud computing in healthcare are clear. Sep 16th, 2019
blog What Exactly is a Digital Health Application? Are digital health apps consumer-facing, or used in a clinical setting? How are they improving patient outcomes? How are digital health apps integrated into clinicians’ workflows? Sep 16th, 2019
blog What Are the HIPAA Cloud Compliance Options for Healthcare? As healthcare moves to the cloud, organizations are looking for low-cost ways to provision the complex IT infrastructure and HIPAA-compliant applications, storage, and networking solutions that support a variety of core organizational functions to healthcare providers. Aug 26th, 2019
blog Amazon ElastiCache for Redis HITRUST CSF Configuration Guide This step-by-step guide gives developers easy-to-understand instructions to configure Amazon ElastiCache for Redis instances to be HITRUST CSF ready. In the following sections we walk through the requirements, controls, and configurations for ElastiCache for Redis. Jun 11th, 2019
blog GxP and Business Associates: Does it exist like HIPAA? GxP does not have the concept of BAAs or contracts that outline risk like HIPAA does. There is no concept of inheritance or chaining liability. Learn more here. Apr 11th, 2019
blog HIPAA Contingency Planning + Disaster Recovery Business associates and subcontractors need a HIPAA disaster recovery contingency plan in place to maintain the integrity of ePHI in case of a disaster. Apr 11th, 2019
blog How to Optimize your Compliance Posture with a Maturity Model In this guide, we will walk you through the reasoning, structure, and ways to leverage a maturity model, such as the HITRUST maturity model, to optimize your compliance posture. Apr 11th, 2019
blog What is a Data Breach under GDPR and HIPAA? What is the definition of a security incident and data breach under HIPAA and GDPR and how do they compare? This article breaks down the key terminology. Apr 11th, 2019
blog Credit Card Processing & HIPAA Do I need a business associate agreement to comply with HIPAA when doing medical credit card processing for healthcare payments? Mar 19th, 2019
blog HIPAA and Multi Tenancy What exactly is multi tenant cloud and does Datica Compliant Cloud offer a multi tenant environment? Jan 31st, 2019
blog Maturity Model Level Zero: Picking a Compliance DNA In starting a compliance program, there is work to be done before you get to level one of the maturity model. We call this level zero. Nov 7th, 2018
blog Artifacts and Why They Matter for Compliance With all the attention on compliance and the need for compliance artifacts, or evidence, to be successful, it’s helpful to understand more about artifacts. Oct 24th, 2018
blog HIPAA 101 A primer The HIPAA acronym stands for the Health Insurance Portability and Accountability Act. This HIPAA primer covers HIPAA 101 basics, meaning, entities, etc. Oct 2nd, 2018
blog HIPAA Auditing and Logging If you're going through a HIPAA security audit by a hospital or payer compliance office, auditing and logging will show that your application is secure. Oct 2nd, 2018
blog Proving HIPAA Compliance HIPAA attestation is everywhere but are they really compliant? Companies can self-attest to HIPAA compliance because there are no HIPAA certifications. Oct 2nd, 2018
blog The HIPAA Privacy Rule The HIPAA Privacy Rule is important to understand because it explains the types of data, covered entities, and uses of data HIPAA is concerned about. Oct 2nd, 2018
blog SOC 2 Type II Compliance for Cloud Computing At Datica, we are often asked about SOC 2 Type II and how it relates to HIPAA and HITRUST. This article is to help explain how a SOC 2 Type II audit compares to HIPAA compliance and other regulatory audits in the United States. Sep 5th, 2018
blog GDPR Data Breach Notification Checklist This GDPR data breach notification checklist outlines the steps that should be orchestrated by your data protection officer to ensure GDPR compliance. Jul 18th, 2018
blog GDPR Data Breach Requirements One of the most challenging aspects of any security and compliance program, including GDPR, is breach notification. Jul 18th, 2018
blog GDPR Fines and Penalties GDPR compliance is an imperative starting May, 2018 for companies who work with data on EU citizens. Understand the fines and penalties in Article 83. Jul 18th, 2018
blog GDPR for Cloud Service Providers (That's You!) Cloud Service Providers doing business in the EU are Processors under GDPR—it's kind of like being a HIPAA Covered Entity in the U.S. Read more on GDPR Service Providers. Jul 18th, 2018
blog What does it take to be a 100% HIPAA compliant cloud company? Datica has spent extensive time and money on security and organizational policies and procedures specifically to comply with HIPAA and share with our customers. Jul 18th, 2018
blog What is GxP? GxP stands for "Good Practice" and is a set of operational controls for Life Sciences organizations working within the confines of the FDA. Learn more about GxP compliance. Jul 18th, 2018
blog How does GDPR compare to HIPAA? Though different in who they apply to and how you prove compliance, HIPAA and GDPR are both about having security as a core tenet of operations. Jun 7th, 2018
blog Is HIPAA Federal or State? Find out who enforces HIPAA and how both federal and state governments are involved. Jun 7th, 2018
blog Does HIPAA Require Encryption? Data encryption and HIPAA is not as clear as you think – find out why. Dec 14th, 2017
blog HIPAA Do's and Don'ts Brush up some quick Do's and Don'ts for HIPAA and remaining in compliance. Dec 14th, 2017
blog What are HIPAA Laws? Find out why laws exist for HIPAA, a foundational piece to this compliance framework. Dec 14th, 2017
blog What are HIPAA risks? Just like anything else, HIPAA faces potential threats that are identified as "risks" that can be further segmented – find out what they are here. Dec 14th, 2017
blog What are HIPAA violations? There are many different cases and scenarios that could result in a HIPAA violation – take a look at some examples. Dec 14th, 2017
blog What are some examples of HIPAA violations? HIPAA has so many regulations that there are many types of violations you must be aware of. Dec 14th, 2017
blog What does HIPAA impact? HIPAA impacts everyday procedures within any healthcare organization; go into greater detail of what that means. Dec 14th, 2017
blog What does HIPAA training entail? The training requirements for HIPAA are extensive and are often misunderstood; we provide a few clarifications. Dec 14th, 2017
blog What is HIPAA compliant hosting? If you have a healthcare application, website or data storage, you must be in complete compliance, including how you are hosting it. So what is HIPAA compliant hosting and what does that mean? Dec 14th, 2017
blog What was HIPAA designed to do? What exactly was HIPAA designed to do? We break it down in this quick overview. Dec 14th, 2017
blog Who does HIPAA apply to? The HIPAA rules are mandatory for all covered entities and business associates but what does that mean? Dec 14th, 2017
blog 4 Challenges & Solutions for Big Data Capturing Data capturing is becoming an increasingly automated process across all modern interactions. Specifically in healthcare, electronic health record systems are digitizing existing patient records to be used in patient care, surgical procedures, and clinical trials. Jun 21st, 2017
blog What is Backend as a Service and what does it mean in a healthcare context We're working on taking much of the discovery and drudgery out of building a healthcare-specific backend process (BaaS) with Datica Compliant Cloud. Jun 21st, 2017
blog 5 HIPAA Topics to Address With Clinicians HIPAA regulations outline IT compliance in high-level detail but don't specify methods for true compliance — an obstacle for healthcare clinicians. Jun 9th, 2017
blog Inheritance and Ownership of Compliance Risk The HIPAA Omnibus Rule accounted for the paradigm shift in technology development and cloud computing. Feb 7th, 2017
blog Why is HIPAA Important? There are a few reasons HIPAA is important – get in the know with our overview. Mar 19th, 2016
blog When did HIPAA go into effect? Get a better understanding of the origination of HIPAA. Mar 10th, 2016
blog Who regulates HIPAA? HIPAA has specifications that ensure the confidentiality and privacy of protected health information that the HHS’ Office for Civil Rights is responsible for enforcing. Mar 10th, 2016