Meeting HIPPA Security Standards – Colocation vs. The Cloud

The cloud is being used for a growing number of business related activities across most industries, but not all.  There are still certain industries where the cloud may not be the ideal solution.  This is particularly true in industries which have higher standards for securing information.  In these industries, colocation is still the clear winner in terms of meeting rigid regulations.  HIPPA is an excellent example of this type of situation.

What is HIPPA?

HIPPA (Health Insurance Portability and Accountability Act) has created a set of stringent standards which are applied to securing and transferring medical information.  In order to become certified, a colocation facility or data center must comply with multiple steps.  They include training, reporting, data security guarantees, and undergoing regular government audits.  Even the smallest breach of these regulations can result in significant fines and penalties for the business.  Some of the types of businesses which fall under the purview of HIPPA include hospitals, medical billing organizations, insurance companies, and medical care providers (including dental and vision).

Can the Cloud Meet HIPPA Security Standards?

HIPPA has made transitioning to the cloud increasingly difficult for companies.  This is primarily because companies are not able to guarantee the security of their data through every point of data movement.  A single insecure connection between the origin of the data and its destination presents a potential for data theft or loss and the cloud utilizes a large number of connections to transfer data.

Can Colocation Meet HIPPA Security Standards?

Colocation is a more reliable and secure approach to data protection.  This makes colocation an ideal solution for businesses who must meet HIPPA security standards.  Colocation facilities utilize private, caged environments which medical organizations can use to store their data off-site.  There are a growing number of HIPPA certified colocation facilities which guarantee medical organizations and hospitals adequate levels of data security.

Additional Reasons Colocation is Better than the Cloud at Meeting HIPPA Security Standards

  • Storage Location

Medical data should never be stored offshore because it becomes subject to additional international laws which create a greater compliance risk.  With the cloud, the exact location of data may be unknown whereas colocation allows companies to choose the storage location themselves.

  • Data Movement

Another risk of using the cloud is virtual servers and data are frequently moved from one location to another.  Not only does this create a potential security hazard during the data transfer, but portions of the data may remain.  To truly delete data in a cloud environment, users must also delete the index and overwrite the data blocks.  Colocation provides an option which puts companies in complete control over data transfer and deletion.

  • Reporting Access to Patient Information

HIPPA requires medical providers to tell patients about their data handling practices.  Cloud providers rarely, if ever, disclose their internal information security practices, which makes this tenant of HIPPA impossible to meet.  On the other hand, colocation ensures the medical providers are in complete control at all times.  This makes it easy for them to tell patients exactly how their data is being stored and protected.

While the cloud is proving to be an ideal solution for a variety of situations, it is not yet secure enough to meet stringent data security regulations such as HIPPA.  Any time data security is a premium concern, colocation is still a better option.

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)