Monday, July 24, 2017

OCR updates guidance for HIPAA organizations’ use of cloud computing services

PARCA eNews – July 3, 2017 – The Office for Civil Rights (OCR) has issued updated guidance for HIPAA-covered organizations regarding the use of cloud computing and file sharing tools such as Sharepoint and DropBox and others.

Questions about whether and how organizations can take advantage of these tools while maintaining HIPAA privacy and security compliance. Lumping them into the term of cloud services providers (CSPs) the OCR’s guidance answers 11 questions ranging from "Can a HIPAA covered organization use CSPs to questions about security, privacy and breach notification.

The guidance goes into some detail about encryption and use of cloud computing for storage of electronic patient information as well as other uses and considerations.


No comments:

Post a Comment