Prescriptive Compliance is how Healthcare Adopts the Cloud
If you are big...
Large healthcare organizations are hesitant to migrate to AWS or Azure because they are concerned compliance requirements aren't being met. When they can't be sure, they stick with old infrastructure.
If you are new...
Emerging digital health products can't break through to their hospital, pharma, or payer market unless they demonstrate compliance and security credibility from Day 1. Compliance is central to the business model.
Datica solves your problem
The Datica Platform is a prescriptive way for any healthcare technology team to manage compliance on the cloud, giving healthcare the assurances it needs to adopt the benefits of the cloud.
Datica is HITRUST CSF Certified.
Customers benefit from serious credibility and accelerated audits with customers like hospitals, payers, and pharma.
HITRUST is the most important prescriptive compliance framework in healthcare. It helps give enterprises assurances that they can use the cloud as if compliance didn't exist, while giving digital health companies a shortcut to credibility.
General Data Protection Regulation
Good practices for Life Sciences on the Cloud
The European Union has created a new authoritative regulation on consumer data called GDPR. Fines start being handed out on May 25th, 2018. The regulation applies to all EU citizens regardless of service or where the data lives. Protected Health Information (PHI) is scoped within GDPR, so any healthcare organization who might service European Union citizens will be affected by it.
Are you ready? Datica has gone through the necessary audits to ensure it is compliant with the regulation.
GxP stands for “Good Practice” and is a set of operational controls for Life Sciences organizations working within the confines of the FDA.
The FDA publishes its regulations on the back of NIST, which is why GxP largely follows NIST standards. There is no one authoritative documentation source for GxP, like we have the 2013 Omnibus for HIPAA or Articles from the European Union on GDPR. Instead, GxP is an industry-accepted definition of best practices mapped to FDA regulations.
Open sourced company policies give healthcare organizations a headstart
What people are saying about Datica’s Open Source Policies
"We believe that for Datica to open source these documents is truly ground breaking in healthcare IT.
In the past we’ve spent an enormous amount of funds creating & updating our policies. We have yearly evaluations of our policies in October and this past October (2014) we were able to update and implement a number of improvements to our existing policies all based off the information we gathered from Datica's policies. This cost us zero dollars in comparison to our expensive updating of policies in prior years.
This is definitely the first time we have seen policies open sourced and we applaud the use of tools like GitHub to manage version control of all policies.
I think this could be revolutionary in helping the industry as a whole collaborate to improve privacy and security practices by gathering information from the highest level security/privacy experts in the field and making it available via similar open source methods.”
CEO & Cofounder, Eligible Inc.
We’re dedicated to making the industry better
In 2014 Datica open sourced our company policies under a a CC BY-SA 4.0 license. Since then the response has been overwhelmingly positive—we have had more activity on GitHub than governmental institutions like the FDA. Along the way we’ve helped hundreds of businesses get started by eliminating this portion of HIPAA compliance as a burden.
Our policies have been written with modern, cloud-based technology vendors in mind. We looked far and wide for policy examples that fit our company, and couldn’t find any. So we wrote our own. Importantly, these policies have been through multiple external audits—two HIPAA audits and one HITRUST audit.
Do you handle PHI and not yet have your own company policies in place? Then you’ll find our content useful.Policies Overview