Healthcare IT organizations, ever aware of their responsibility to safeguard PHI, have been slow to adopt public cloud technology due to security and compliance concerns. Driven by mounting pressure to rapidly implement new clinical initiatives, provide greater system interoperability, support evolving payment models, and improve cost efficiencies, savvy HIT leaders are now evaluating the use of public cloud as a necessity to future success.
However, the key concerns and questions still remain:
- Are all public cloud service providers (CSP) the same?
- How does an HIT organization choose the best CSP for their needs?
- What in-house expertise is required for an HIT organizations to manage a public cloud infrastructure?
- Can an HIT organization maintain HIPAA compliance using a public CSP?
- What tools are available to continuously manage compliance and security requirements?
- Is the BAA sufficient to mitigate risk?
This educational piece will help your healthcare organization develop a roadmap for moving PHI workloads to the public cloud while mitigating risks to achieve the highest possible standards in security and compliance.