Datica Guides

HIPAA / HITRUST Self Assessment Guide

Are you sure your product is HIPAA compliant?

With expert authors:

This HIPAA worksheet is meant to illuminate the cloud requirements of HIPAA that you need to plan for in your own digital health product. What does "HIPAA Compliant" really mean? Frequently it is just a marketing label that some companies bestow upon themselves and not really an attestation of compliance. That's risky.

A more comprehensive risk assessment, such as the HITRUST CSF Self-Assessment, is also necessary. Use this checklist to understand what compliance controls are needed, and assess your compliant state at several cloud layers:

  • The Physical Layer

  • The Operating System and Application Layers

  • The Administrative Layer

Once you've completed this checklist you'll have a much better understanding of what it will take to be HIPAA compliant in the cloud.


Previously
Next