{"id":1577,"date":"2011-09-13T00:00:00","date_gmt":"2011-09-13T00:00:00","guid":{"rendered":"http:\/\/otava.test\/passing-a-hipaa-audit-achieving-hipaa-compliant-data-centers\/"},"modified":"2011-09-13T00:00:00","modified_gmt":"2011-09-13T00:00:00","slug":"passing-a-hipaa-audit-achieving-hipaa-compliant-data-centers","status":"publish","type":"post","link":"https:\/\/www.otava.com\/blog\/passing-a-hipaa-audit-achieving-hipaa-compliant-data-centers\/","title":{"rendered":"Passing a HIPAA Audit & Achieving HIPAA Compliant Data Centers"},"content":{"rendered":"

After an extensive amount of work from our team last quarter, Online Tech is now the first managed data center operator in Michigan to achieve HIPAA compliance.<\/p>\n

We recently passed our HIPAA audit with 100% compliance, as verified by independent Certified HIPAA Professionals (CHP) and Certified Health Security Specialists (CHSS). The report shows our Michigan data centers<\/a> and hosting solutions comply with all 54 HIPAA citations, including the complete set of 136 audited components.<\/p>\n

\"HIPAA<\/a>
HIPAA Compliance<\/figcaption><\/figure>\n

HIPAA and HITECH<\/strong><\/p>\n

HIPAA, the Health Insurance Portability and Accountability Act, is a government-regulated set of guidelines intended to protect patient health information. The two HIPAA rules include the HIPAA Privacy Rule that concerns protected health information<\/a> (PHI) in all forms, while the HIPAA Security Standard applies to electronic protected health information (EPHI) transmitted or maintained in electronic form.<\/p>\n

The 2009 HITECH Act specifies that business associates, such as third-party data hosting providers, also need to follow HIPAA privacy and security laws. Online Tech\u2019s audit report covers both regulation standards with attention to data security and protection controls.<\/p>\n

Why HIPAA Hosting – and Why Now?<\/strong><\/p>\n

Health IT and security have become top priority due to recent government initiatives to advance healthcare by upgrading old paper systems to electronic medical record (EMR) systems. Motivated by impending federal fines for data breaches and rewarding stimulus packages, the healthcare industry has been scrambling to find compliant and cost-effective IT solutions.<\/p>\n

Many healthcare-related organizations seek HIPAA hosting<\/a> vendors due to the costs and complexity of building and maintaining an in-house IT infrastructure to support the large quantity of their sensitive health data.<\/p>\n

Online Tech\u2019s HIPAA Compliant Hosting<\/strong><\/p>\n

Although HITECH and HIPAA dictate that protected health information (PHI) needs to be private, secure and available for access, specific technical aspects aren\u2019t outlined. But HIPAA law does require a designed package or plan to achieve privacy and security safeguards, which is where Online Tech can help healthcare organizations.<\/p>\n

Some examples of HIPAA safeguards and requirements include:<\/p>\n