Healthcare organizations adopt innovations at a fast speed, and cloud computing is no exception. Offering scalability, cost-efficiency, and flexibility — everything needed to make data storage easy and convenient, cloud solutions are very promising for the sector. At the same time, they are still facing numerous security risks, so before deciding on this option, healthcare providers must learn how regulations applied in the industry influence the implementation of such solutions. And most of the attention has to be paid to HIPAA compliance.
This post aims at showing how HIPAA-HITECH impacts the migration to, the development and adoption of cloud solutions. Nevertheless, let’s start with some statistics on cloud solutions used by healthcare organizations.
Cloud Solutions in Healthcare — Statistic Data
The first thing to mention here is that cloud solutions gain popularity among health organizations of various sizes. As a study conducted by HIMSS Analytics shows, 65% of healthcare organizations in 2017 took advantage of cloud or cloud services. The most popular services defined were SaaS (software as a service development), disaster recovery, and cloud hostings. 84% out of 50 respondents from the largest healthcare organizations in the US stated that they use cloud services for IT and administrative functions (81% out of 84%), for analytics (57% out of 84%), and clinical applications and external data sharing (40,5% out of 84%). At the same time, and 74% out of 50 respondents expressed their wish to move existing or new workloads to the cloud. The study showed that the most common use of the cloud among these organizations is for hosting analytics applications and data: 48% of organizations dealing with cloud providers did it for storing data, including patient healthcare data (PHI). So there’s no surprise why adherence to regulatory requirements such as HIPAA and HITECH topped the list of factors that were considered by these organizations when they decide on a cloud service provider. HIPAA HITECH compliance was marked as the top priority for 54% of these organizations, followed by the willingness to meet BAA requirements —38%, and then technical security —32%.
So what is HIPAA compliance and why it is so important for cloud service – healthcare organization relations? Let’s try to find this out.
How Introduction of HIPAA-HITECH Affected Cloud Adoption
To start with, let’s define HIPAA.