HIPAA (Health Insurance Portability and Accountability Act of 1996) is United States legislation that provides data privacy and security provisions for safeguarding medical information. Cloud has been revolutionary in IT infrastructure ecospace for enabling agility and reducing TCO. Companies using cloud would also benefit from certifying their cloud with all possible industry compliance.
What is HIPAA ?
Health Insurance Portability and Accountability Act of 1996 (HIPAA) is the law enacted to protect your privacy, allow access to your medical records and designate who can speak on your behalf. This law was written for the consumer and the provider or institution.
Why is HIPAA so important ?
Health Insurance Portability and Accountability Act of 1996 (HIPAA) is the law enacted to protect your privacy, allow access to your medical records and designate who can speak on your behalf. This law was written for the consumer not the provider or institution.
HIPAA with AWS Infrastructure
AWS has provided guidance and support for healthcare providers and companies dealing with PHI. Various features provided by AWS services can be used to make the data more secure and compliant with HIPAA. AWS offers a comprehensive set of services and features to make encryption, key management and auditing easier.
Customers who need HIPAA compliance are given a great range of flexibility to meet encryption requirements of PHI. Details about various services and features that can be used for protecting health data can be found in the White paper published by AWS.
What Beam offers for HIPAA compliance ?
- Beam HIPAA (version 5010) policy
Beam currently supports CIS Framework and PCI-DSS for AWS. To cater superior cloud compliance for our Enterprise customers Beam will now support HIPAA compliance ( version 5010) for AWS. These audits can help you in performing internal audits of your AWS infrastrucutre.
HIPAA consists of various sections, each defining a set of standards that are to be followed like Privacy Rule and Security Rule. These rules contain various sub-sections like section Part 160, Part 162, Part 164 which consist of administrative and technical safeguards that are to be followed in the organizations.
Going through these documents and following the suggested procedures can be cumbersome to the AWS users or administrators who wish to perform HIPAA compliance. Beam provides an easy and time saving solution. The Security and Compliance section now provides HIPAAv5010 policy which can be use to view all the audits that are derived from the rules and regulations laid out by HIPAA. As all these audits are placed in the same policy, it is easier to download the report, view charts based on policy compliance and also identify the issues and solve the same.
- Beam HIPAA report
Beam now provides a comprehensive overall compliance report for HIPAA. The first page of this detailed HIPAA compliant report consists of a sheet specifying the various requirements set by HIPAA and audits along with the count of issues.
Beam further makes the user’s task easier by specifying details provided under Security and privacy section of HIPAA along with the audits related to those requirements along with audit issues in the same place.
The requirements along with the issues are placed side by side in the report along with the result (Pass/Fail) which helps the user to identify the issues and correct the same. Beam provides 35+ audits related to the HIPAA compliance which are placed in the compliance report along with a comprehensive overview page
- HIPAA Policy Scorecard
Gauge your HIPAA compliance levels through policy score-card and push towards a higher score for more compliant cloud infrastructure.