Do I need HIPAA Compliance?
If your business is engaged with patient data, you likely need to be concerned about HIPAA compliance. As an overview, the Health Insurance Portability and Accountability Act of 1996 (HIPAA) applies to health care providers engaged in certain electronic transactions, health plans, and businesses that provide services that involve access to Protected Health Information (PHI). PHI is defined as personal health information held by covered entities, and the HIPAA Privacy Rule gives patients an array of rights with respect to that information. At the same time, the Privacy Rule is balanced so that it permits the disclosure of personal health information needed for patient care and other important purposes. With the power of AWS and Easy Cloud by your side, we can bring you into compliance to securely process, store, and transmit PHI data.
Business Associate Agreement (BAA)
All HIPAA applications deployed in the cloud require the customer to sign a Business Associate Agreement (BAA). Customers who execute a BAA with Easy Cloud may use any AWS service in an account designated as a HIPAA Account, but they may only process, store and transmit PHI using the HIPAA-eligible services defined in the AWS BAA as boundary services.
HIPAA was expanded in 2009 by the Health Information Technology for Economic and Clinical Health (HITECH) Act, which established a set of federal standards intended to protect the security and privacy of PHI. HIPAA and HITECH impose requirements related to the use and disclosure of PHI and appropriate safeguards to protect PHI data through the use of centralized event management as well as anti-virus and malware intrusion detection systems.
AWS Reduces Instance Cost Complexity
HIPAA Compliance on AWS no longer requires Dedicated EC2 instances to run in your AWS account. This change can significantly reduce your cost of HIPAA deployments within AWS and Easy Cloud. On average, our customers save around 10% on EC2 instances plus the AWS dedicated instance region fee, which is $2 an hour as of this writing.
Picking a Service Partner
AWS operates under a shared responsibility model: it provides pre-certified services that can be used for HIPAA-related compliance workloads. While the AWS service offerings are great, AWS will not assume the risk for how your application stacks are configured within an AWS account or whether that configuration falls within compliance. With Easy Cloud being a HIPAA compliant company, we can help and guide you through all the necessary steps to achieve the security and peace of mind needed for your PHI data.