News and blog posts related to hosting for healthcare organizations and HIPAA compliance.

Otava Launches New Suite of Veeam-Powered Cloud Backup Solutions
Nov19

Otava Launches New Suite of Veeam-Powered Cloud Backup Solutions

Otava, a provider of secure, compliant hybrid cloud solution provider for enterprises and channel partners, has announced it has expanded its Veeam-powered offerings with a new suite of Veeam Availability Suite cloud-backup solutions which give its customers greater flexibility and control over their backup and disaster recovery environments. Three new solutions have been added to the Otava portfolio which will help its clients and partners manage all of their cloud backups through a single console. The three new additions are: Otava Cloud Connect, Otava-Managed Cloud Backup, and Self-Managed Cloud Backup. Otava Cloud Connect can be used as a primary or secondary data repository, irrespective of where data resides. This cloud backup solution protects against data loss in the event of a ransomware attack or other malicious cyberattack. The solution incorporates Veeam insider Protection and creates a 7-day backup window with an extra copy of the user’s data which can be used if data is remotely wiped. Otava-Managed Cloud Backup helps businesses protect mission-critical data and focus...

Read More
Connectria Acquires AWS Migration and Consultancy Firm WSM International
Nov19

Connectria Acquires AWS Migration and Consultancy Firm WSM International

The hosting company Connectria has announced it has acquired St Clair Shores, MI-based WSM International. For the past 15 years, WSM International has been helping small- and mid-sized companies and enterprises migrate to the cloud and reach their digital transformation goals. WSM International has provided cloud & hybrid cloud consultancy and advisory services to hundreds of firms, has completed thousands of successful migrations to Amazon Web Services (AWS) and Microsoft Azure, and now has more than 1,000 customers around the world, employs almost 250 people, and generates $60 million in annual revenues. Connectria provides cloud-managed services and management tools for customers that have already transitioned to the cloud and helps then reduce their cloud costs and comply with regulations such as HIPAA, GDPR, and PCI. What Connectria was missing was a professional services team that could help new customers migrate to the cloud, hence the decision to acquire WSM International and bring the company under the Connectria umbrella. “We’re pleased to be joining the Connectria...

Read More
Rackspace Acquires Cloud-Native Consulting and Managed Services Company, Onica
Nov05

Rackspace Acquires Cloud-Native Consulting and Managed Services Company, Onica

Rackspace has announced that it will be acquiring the cloud-native consulting and managed services company, Onica for an undisclosed sum. An agreement has been reached to acquire the Santa Monica, CA-based firm, which will give Rackspace new professional services capabilities in areas such as strategic advisory, architecture and engineering, and application development. Onica is a fairly young company, having only been formed in 2014, yet during the past 5 years the company has amassed more than 350 skilled consultants across the United States and holds competencies in DevOps, IoT, Microsoft Workloads, data and analytics, migration and storage, education, healthcare, and industrial software. The company is regularly included in Inc. Magazine’s best places to Work list and has also achieved fifth spot in CRN® Fast Growth 150 list. Onica helps companies build new revenue streams and improve efficiency through adoption of the cloud. The company has helped companies acquire the innovative capabilities of the cloud and has implement some of the most complex technology projects the world...

Read More
Webinar: Atlantic.Net and Compliancy Group Offer Help on Cybersecurity and HIPAA Compliance
Oct23

Webinar: Atlantic.Net and Compliancy Group Offer Help on Cybersecurity and HIPAA Compliance

The HIPAA-compliant hosting company, Atlantic.net, is teaming up with HIPAA-compliance specialists Compliancy Group for a webinar to explain some easy-to-implement steps healthcare organizations can take to quickly improve their security posture, become more resilient to cyberattacks, and ensure they continue to stay compliant with HIPAA regulations. Healthcare organizations are being targeted by cybercriminals for the data they hold. Patient data can be sold for big bucks on the black market, there a growing trade in stolen healthcare login credentials, and ransomware is being used to extort money from hospitals and medical practices. For the past two months, healthcare data breaches have been reported at a rate of more than 1.5 per day, which is twice the rate of 2018. Cybersecurity has never been more important. Many practices lack the internal resources to devote to cybersecurity and budgets are stretched. Finding the funds to devote to improving cybersecurity protections can be a major challenge, so it is important to ensure any additional funding is well spent. In the...

Read More
iland Enhances Catalyst Cloud Migration Tool
Sep16

iland Enhances Catalyst Cloud Migration Tool

The Houston, TX-based cloud service provider, iland, has announced that it has enhanced its complimentary Catalyst cloud migration tool. The tool can be used by companies to help plan migrations to the cloud from traditional data centers and ensure they right-size their cloud environments and avoid under- and over-provisioning. When migrating from traditional data centers to cloud-based infrastructure, businesses have to predict what resources they will need. Decisions are made based on the size of applications, the frequency of use, and it is also necessary to determine whether certain workloads are actually compatible with cloud services. Businesses must also assess the costs involved to determine whether cloud migration is viable and cost-effective. The Catalyst cloud migration tool takes the guesswork out of the equation and allows businesses to accurately estimate the service costs per month as well as ad hoc costs. The tool also helps determine whether DRaaS, BaaS, and cloud migration is feasible and allows businesses to get things right first time around. The latest update...

Read More
Liquid Web and Nexcess Join Forces
Sep06

Liquid Web and Nexcess Join Forces

Liquid Web, a provider of managed hosting and managed application services to small to medium sized businesses, has joined forces with the managed web hosting provider for eCommerce platforms, Nexcess. Liquid Web believes the new partnership will help with its goal of dominating the web hosting market for SMBs by providing a more comprehensive range of services for SMB customers. The partnership will open up the Nexcess cloud to Liquid Web customers and will allow them to benefit from Nexcess technology and scalability. Nexcess will be provided with greater scale and capital to ensure long term growth and its customers will have easy access to Liquid Web’s plans and hosting services. The partnership will combine the expertise of both companies – Liquid Web on WordPress and WooCommerce and Nexcess on Magneto – and will the clolud experts and both firms keep developing new products and open source platform capabilities to better serve the SMB market. Together, the companies have 650 employees, operate 11 data centers, and offer a full-service application web hosting and managed...

Read More
iland Expands and Enhances its Global Channel Sales Program
Sep05

iland Expands and Enhances its Global Channel Sales Program

iland, a provider of VMware-based secure, cloud backup and disaster recovery solutions, is expanding and enhancing its global channel sales program due to increased customer demand and significant partner growth. Initially, iland was focused on helping small- and mid-sized companies by implementing and testing cloud-based infrastructure, backup and disaster recovery solutions when they lacked the resources to do it alone; however, the company is now serving a much broader customer base including enterprise customers through a network of managed service providers and resellers. The expansion of its channel sales program includes a new partner portal for training, certification, and sales management to help partners meet the needs of their customers and generate more sales. Partners are also given a free cloud assessment tool to help them manage data and cloud workloads effectively and efficiently and simplify the journey to the cloud. The Catalyst cloud assessment tool helps customers determine the required bandwidth and capacity and right-size their cloud environment to minimize...

Read More
Rackspace Announces Major Enhancements to its Hybrid Cloud Portfolio
Sep01

Rackspace Announces Major Enhancements to its Hybrid Cloud Portfolio

Rackspace has enhanced its hybrid cloud portfolio and is now providing customers with access to advanced services that are intended to help them modernize their IT environments as easily and quickly as possible to benefit from the flexibility and scalability of the cloud. Five major updates have been made to its services that will improve support for customers with that have adopted a hybrid architecture. Rackspace is now offering advanced cloud-native support, API management, external storage for VMware on AWS, managed guest OS, advanced Kubernetes and container enablement services, application and data integration, and managed security services. “Our new set of advanced hybrid cloud services, backed by our industry leading service blocks framework, provide customers the expertise necessary to help navigate through their hybrid cloud journeys,” said Vikas Gurungunti, EVP and GM of Solutions and Services at Rackspace. The key new enhancements are: Managed VMware Cloud on AWS – Rackspace customers can now use VMware HCX and Managed Guest OS Services for their VMware CloudTM on AWS...

Read More
iland is Now VMware Cloud Certified
Aug27

iland is Now VMware Cloud Certified

The global cloud service provider iland has announced it has achieved VMware Cloud Verified status. VMware Cloud Verified status confirms the secure iland cloud platform integrates with VMWare-based services and that iland’s services can be run on top of the complete VMware Cloud infrastructure. iland has a long history of working with VMware and has helped several thousand VMware customers protect their data and applications in the cloud. iland’s cloud platform fully integrates with VMware services, providing customers with a familiar experience across iland’s infrastructure-as-a-service (IaaS), backup-as-a-service (BaaS), and disaster recovery-as-a-service (DRaaS) offerings. The VMware Cloud Certified badge confirms that VMware cloud infrastructure users are able to retain the full capabilities of VMware Cloud infrastructure such as interoperability, flexibility, and cost optimization, while taking advantage of iland’s IaaS, Baas, and DRaaS services. Under the VMware Partner Program, companies that have been VMware Cloud Verified have been confirmed as being able to offer the...

Read More
Liquid Web Named in Inc. 5000 List of Fastest Growing U.S. Companies for 12th Time
Aug16

Liquid Web Named in Inc. 5000 List of Fastest Growing U.S. Companies for 12th Time

Liquid Web has announced it has been named in the Inc. 5000 list of the fastest growing companies in the United States for the 12th time. The Inc. 5000 list is released each year to honor the most successful privately-held companies in the United States – Those that have recorded consistent high growth over the previous three years. To be considered for inclusion in the list, for-profit companies must be privately held and not a subsidiary or division of another company up until December 2018. Each company is assessed and ranked on percentage revenue growth from 2015 to 2018. Each company must have generated a minimum revenue of $100,000 in 2015 and a minimum revenue of $2 million in 2018. Other factors taken into consideration are the number of employees, location, and industry sector. Many companies apply for inclusion in the list but fail to rank in the top 5000. A large percentage of the tens of thousands of applicants fail to achieve consistent high growth and are only included once, if they make the grade at all. Many are included in the list just once as they are...

Read More
Can You Make WordPress HIPAA Compliant?
Aug03

Can You Make WordPress HIPAA Compliant?

WordPress is a convenient content management system that allows websites to be quickly and easily constructed. The platform is popular with businesses, but is it suitable for use in healthcare? Can you make WordPress HIPAA compliant? Before assessing whether it is possible to make WordPress HIPAA compliant, it is worthwhile covering how HIPAA applies to websites. HIPAA and Websites HIPAA does not specifically cover compliance with respect to websites, HIPAA requirements for websites are therefore a little vague. As with any other forms of electronic capture or transmission of ePHI, safeguards must be implemented in line with the HIPAA Security Rule to ensure the confidentiality, integrity, and availability of ePHI. Those requirements apply to all websites, including those developed from scratch or created using an off-the-shelf platform such as WordPress. Websites must incorporate administrative, physical, and technical controls to ensure the confidentiality of any protected health information uploaded to the website or made available through the site. HIPAA-covered entities must...

Read More
Is iCloud HIPAA Compliant?
Aug01

Is iCloud HIPAA Compliant?

Is iCloud HIPAA compliant? Can healthcare organizations use iCloud for storing files containing electronic protected health information (ePHI) or sharing ePHI with third-parties? This article assesses whether iCloud is a HIPAA compliant cloud service. Cloud storage services are a convenient way of sharing and storing data. Since files uploaded to the cloud can be accessed from multiple devices in any location with an Internet connection, information is always at hand when it is needed. There are many cloud storage services to choose from, many of which are suitable for use by healthcare providers for storing and sharing ePHI. They include robust access and authentication controls and data uploaded to and stored in the cloud is encrypted. Logs are also maintained so it is possible to tell who accessed data, when access occurred, and what users did with the data once access was granted. iCloud is a cloud storage service that owners of Apple devices can easily access through their iPhones, iPads, and Macs. iCloud has robust authentication and access controls, and data is encrypted in...

Read More
Atlantic.Net Celebrates 25 Years as Internet and Cloud Services Provider
Aug01

Atlantic.Net Celebrates 25 Years as Internet and Cloud Services Provider

Atlantic.Net, a cloud service provider that specializes in HIPAA-compliant hosting for the healthcare industry, is celebrating its 25th anniversary this year. The company was formed in 1994 as an Internet service provider, but over the years has adapted with the latest technology trends and in 2009 transitioned into cloud services. Over the next 10 years the company further developed its hosting platform and associated services and is now a major cloud services provider with more than 15,000 business clients in over 100 countries. “What started as an ISP in a university dorm has evolved into a leading Cloud Services Provider that our clients have come to rely on for powering their businesses, securing their data, and ensuring compliance and business continuity,” said Atlantic.Net Founder, President, and CEO, Marty Puranik. “By offering optimized Cloud and traditional hosting that protects and scales with our customer’s businesses, we have grown into an international brand with a computing presence in multiple countries. We thank our loyal staff and clients, without whom our success...

Read More
HIPAA Compliance and Cloud Computing Platforms
Jul28

HIPAA Compliance and Cloud Computing Platforms

Before cloud services can be used by healthcare organizations for storing or processing protected health information (PHI) or for creating web-based applications that collect, store, maintain, or transmit PHI, covered entities must ensure the services are secure. Even when a cloud computing platform provider has HIPAA certification, or claims their service is HIPAA-compliant or supports HIPAA compliance, the platform cannot be used in conjunction with ePHI until a risk analysis – See 45 CFR §§ 164.308(a)(1)(ii)(A) – has been performed. A risk analysis is an essential element of HIPAA compliance for cloud computing platforms. After performing a risk analysis, a covered entity must establish risk management policies in relation to the service – 45 CFR §§ 164.308(a)(1)(ii)(B). Any risks identified must be managed and reduced to a reasonable and appropriate level. It would not be possible to perform a comprehensive, HIPAA-compliant risk analysis unless the covered entity fully understands the cloud computing environment and the service being offered by the platform...

Read More
Is Amazon CloudFront HIPAA Compliant?
Jul28

Is Amazon CloudFront HIPAA Compliant?

Is Amazon CloudFront HIPAA compliant and can the web service be used by HIPAA covered entities without violating HIPAA Rules? In this article, we determine whether Amazon CloudFront supports HIPAA compliance or if it should be avoided by HIPAA-covered entities. What is Amazon CloudFront? Amazon CloudFront is a web service that allows users to speed up web content delivery over the Internet and for website hosting. Typically, when a website is accessed, the visitor experiences some latency accessing static and dynamic content. The reason for this is visitors will not make a direct connection to the content, instead they will be routed through a path to reach the server where the content can be accessed. The path can involve many routing points, will inevitably have an impact on the speed at which content can be accessed. By using a content delivery network such as Amazon CloudFront, it is possible to reduce latency and improve reliability and availability of web content. By delivering content via a network of data centers (edge locations), users are routed to the nearest location...

Read More
How to Choose the Right Healthcare Cloud Provider
Jul24

How to Choose the Right Healthcare Cloud Provider

Healthcare organizations often turn to a HIPAA compliant cloud vendor or Managed Service Provider to help them ensure electronic patient records are secured and they are in compliance with the Health Insurance Portability and Accountability Act (HIPAA). HIPAA contains an extensive set of rules for healthcare organizations which were introduced in 1996 to improve privacy and security of patient information, eliminate waste in healthcare, and combat fraud. This legislative act introduced new and legally binding requirements for healthcare providers to secure their systems, improve privacy and security protections, and keep health data private and confidential at all times. The Act and its subsequent updates have served to strengthen privacy protections, give patients new rights, and ensure that all healthcare organizations achieve a minimum standard of data security. It may seem that HIPAA is at odds with cloud computing, but there is nothing in HIPAA legislation that prohibits use of the cloud for sharing or storing patient data. HIPAA covered entities can use cloud platforms and...

Read More
Is IBM Cloud HIPAA Compliant?
Jul23

Is IBM Cloud HIPAA Compliant?

Is IBM Cloud HIPAA compliant? Is the cloud platform suitable for healthcare organizations in the United States to host infrastructure, develop health applications and store files? In this post we assess whether the IBM Cloud supports HIPAA compliance and the platform’s suitability for use by healthcare organizations. IBM offers a cloud platform to help organizations develop their mobile and web services, build native cloud apps, and host their infrastructure along with a wide range of cloud-based services for the capture, analysis, and processing of data. The platform has already been adopted by many healthcare providers, payers, and health plans, and applications and portals have been developed to provide patients with better access to their health information. IBM Cloud Security IBM is a leader in the field of network and data security, and its expertise has meant its cloud platform is highly secure. Security is built into the core of all of the firm’s software and services to ensure that sensitive data remains confidential and cannot be accessed by unauthorized individuals. Its...

Read More
Rackspace Forms Strategic Partnership with Tech Mahindra
Jul15

Rackspace Forms Strategic Partnership with Tech Mahindra

Rackspace has formed a new strategic partnership with the digital transformation, consulting, and business reengineering service provider, Tech Mahindra. Tech Mahindra is a USD 4.9 billion company with more than 121,000 associates in 90 countries. The firm helps companies by providing innovative customer-centric IT experiences and delivers convergent, digital, design experiences, along with innovation platforms that connect across a wide range of technologies to provide customers with tangible business value. Rackspace is a leading cloud service provider offering a range of hosting services, and managed application, data, and security to help its clients during every stage of their digital transformation and accelerates the value of the cloud. The new strategic partnership will allow cross-selling to Tech Mahindra’s customer base and will include joint service offerings. It will also allow Rackspace to improve its business applications and processes and execute a new go-to-market commercial model. “Our partnership with Tech Mahindra is a powerful combination,” said Subroto Mukerji,...

Read More
Hospital Quality Institute Chooses Otava Virtual Private Cloud Environments for Sensitive Healthcare Data
Jul13

Hospital Quality Institute Chooses Otava Virtual Private Cloud Environments for Sensitive Healthcare Data

The Ann Arbor, MI-based cloud services company, Otava, has announced it has been chosen by the Hospital Quality Institute to host sensitive healthcare data in two new virtual private cloud environments. The Hospital Quality Institute was created by the California Hospital Association, Hospital Association of San Diego and Imperial Counties, and Hospital Council of Northern and Central California to help gauge the performance of hospitals in California and identify areas where improvements can be made to quality and patient safety. In order to assess hospital quality and patient safety, the Hospital Quality Institute collects data from hospitals and, through accurate metrics, provides valuable information to California Hospital Association members that allows them to demonstrate success, improve quality, and enhance patient safety. Rather than host its databases on-premises, the Hospital Quality Institute is using the cloud to host sensitive healthcare data and, by so doing, gain significant resource and cost benefits. Since the Hospital Quality Institute is required to comply with...

Read More
Connectria Named One of Top 100 Places to Work in 2019
Jun25

Connectria Named One of Top 100 Places to Work in 2019

The managed cloud and managed service provider, Connectria, has been named one of the top 100 places to work in IT in 2019 by IDG’s Computerworld. The company ranked #13 in its small organization ranking (fewer than 100 U.S. employees). This is the sixth consecutive year that Connectria has been included in Computerworld Best Places to Work in IT list: A ranking of the companies with the best work environments, where employees are challenged, allowed to grow, develop and advance, and are rewarded for their efforts with excellent compensation and great benefits. “Our 2019 survey shows again that the Best Places to Work in IT are dynamic organizations that provide top pay and a broad array of programs and benefits designed to make them attractive places to work,” said Computerworld executive editor, Ken Mingis. To compile the list, Computerworld uses a comprehensive questionnaire that quizzes companies on remuneration, benefits, career development paths, training, support, and employee retention. In addition, IT workers at each firm provide their feedback on the company which heavily...

Read More
iland Named Leader in Gartner Magic Quadrant for Disaster Recovery as a Service
Jun20

iland Named Leader in Gartner Magic Quadrant for Disaster Recovery as a Service

For the fourth year in a row, iland has been named a leader in the Gartner Magic Quadrant for Disaster Recovery as a Service. The Gartner Magic Quadrants are graphical representations of the key providers of technology solutions to enterprises. Gartner assesses companies based on their completeness of vision and their ability to execute that vision. The assessments see companies assigned to one of four categories: Niche players, visionaries, challengers, and leaders. In the latest Magic Quadrant for Disaster Recovery as a Service, iland achieved the fourth highest score for ability to execute out of the 22 companies included in the report and retained its position as a leader for the fourth consecutive year. With so many companies now providing disaster recovery as a service, competition is fierce. Recently over 7 companies that have developed DRaaS offerings have been acquired by other companies or have experienced serious financial difficulties. iland on the other hand is going from strength to strength. The company has been providing DRaaS offerings for 12 years and is still one...

Read More
iland Launches Autopilot Managed Recovery for Disaster Recovery as a Service
Jun06

iland Launches Autopilot Managed Recovery for Disaster Recovery as a Service

The cloud-based data protection and disaster recovery specialist, iland, has launched a new, highly automated disaster recovery solution. The new offering – Autopilot Managed Recovery for Disaster Recovery as a Service (DRaaS) – is a fully managed business continuity solution that has been developed to help businesses speed up application recovery following a data loss event or downtime. Autopilot Managed Recovery is integrated with Veeam and Zerto, but customers do not interact directly with that technology, which simplified disaster recovery. The solution is ideally suited to organizations with limited DR experience and internal disaster recovery resources and allows them to keep their business online and mission-critical applications available. The solution is easy to implement and maintain, and extensive support is offered, both pre-sales in the project management, planning and design stage, through to deployment and the entire customer life cycle. As the name suggests, Autopilot Managed Recovery includes fully-managed failover/failback of virtual machines, managed...

Read More
UMC Physicians Discovers Patient Information Was Uploaded to Unapproved and Unsecured Cloud Service
May15

UMC Physicians Discovers Patient Information Was Uploaded to Unapproved and Unsecured Cloud Service

The Lubbock, TX-based medical group UMC Physicians is alerting patients of UMC Southwest Gastroenterology that some of their protected health information has been exposed as a result of errors of judgement by two of its employed providers. Those providers had each set up a Google shared drive which was used to track follow up tasks related to the provision of care to patients. While the shared drives were set up with good intentions and were intended to help improve the care provided to patients, the providers used an unapproved cloud storage solution and patient data was inadvertently stored on an unsecured network. UMC Physicians discovered the policy violation on March 12, 2019 and launched an investigation to determine which patients’ protected health information had been exposed. During the course of that investigation, UMC Physicians determined that one of the providers had also been forwarding emails containing patient information to an unsecured Gmail account. The types of information that had been stored on the unsecured network and emailed to the Gmail account included...

Read More
TrueVault Launches TrueVault Atlas Cloud
May05

TrueVault Launches TrueVault Atlas Cloud

TrueVault has announced it has launched a new cloud-based version of TrueVault Atlas, the self-managed solution that generates automatic alerts when personal data is moved to a location where it should not be saved. TrueVault Atlas also includes automation tools to allow companies to automatically rectify issues with personal data, including erasing or exporting that data to prevent any compliance issues. This is possible because TrueVault Atlas continuously indexes data in a range of different third-party systems such as SalesForce, Gmail, and databases such as MySQL and Postgres. All data is catalogued, allowing it to be quickly located when needed. Companies can therefore be certain that they know all locations where data is saved at all times. This is particularly important for any company that is required to comply with the EU General Data Protection Regulation. It ensures that if an EU citizen requests a copy of their personal data or exercises their right to be forgotten, all copies of that data can be quickly and easily found, and requests can be processed quickly. The...

Read More
Online Tech Rebrands as Otava
Apr22

Online Tech Rebrands as Otava

The web hosting company Online Tech has announced it has rebranded as Otava. The company claims the new name better reflects its staff, partnerships, vision, and commitment to providing exceptional hosting services. Online Tech started life in 1994 and initially provided regional dial up internet services. The company then moved into data hosting and colocation services and was one of the first web hosting providers to offer a HIPAA-compliant hosting service for healthcare organizations in the United States. While the name Online Tech has served the company well for 25 years, the company has recently been enjoying a period of sustained growth and has expanded its operations globally and developed a range of new services, helped by investment from Schurz Communications in February 2018 and the acquisition of the cloud infrastructure assets of Neverfail in December 2018. The name change was required to better reflect the company’s vision and position as both a channel-ready partner and a provider of enterprise-ready cloud solutions. The new company name has two meanings. It means to...

Read More
CRN Names Atlantic.Net 2019 Tech Elite Solution Provider
Apr18

CRN Names Atlantic.Net 2019 Tech Elite Solution Provider

CRN, a brand of The Channel Company, has included HIPAA-compliant hosting solution provider Atlantic.Net in its 2019 Tech Elite 250 list. CRN produces the list each year to honor a very select group of companies in North America who have achieved the highest level and greatest number of certifications from the world’s leading technology suppliers, scaled to the size of the company. In today’s rapidly evolving technology landscape, cloud service companies need to constantly develop new solutions to meet the needs of their clients. To do that, they need to be aware of changing trends and have expert technical knowledge of a broad range of platforms. Companies that possess a broad and extensive knowledge are recognized each year by CRN in its Tech Elite 250 list. CRN assesses the technical knowledge of companies by the level of their technical certifications and the number of advanced technical certifications the companies have earned from the industry’s leading technology providers such as Amazon, VMware, Dell, HPE, Oracle, and Cisco. Inclusion in the Tech Elite 250 list demonstrates...

Read More
AWS Chief Technology Officer Allays Fears about Cloud Security and Talks about the Huge Potential of Alexa Voice Technology
Apr12

AWS Chief Technology Officer Allays Fears about Cloud Security and Talks about the Huge Potential of Alexa Voice Technology

Amazon Web Services’ chief technology officer, Werner Vogels, has been dispelling security myths about cloud computing at the Dublin Tech Summit in Ireland this week. Concerns have been raised about the security of data stored in the cloud, especially following the discovery that 540 million Facebook records had been exposed on AWS: One of several high-profile data breaches that have involved AWS-stored data in the past 12 months. Fears About Compliance and the Cloud Companies required to comply with General Data Protection Regulation (GDPR) must ensure that the personal data of EU citizens is secured and kept private and confidential. Since GDPR came into effect on May 25, 2018, the potential penalties for data exposures have increased significantly. It is therefore understandable that companies are concerned about storing data in the cloud rather than on-premise infrastructure that they feel better able to secure. Germany’s federal commissioner, Ulrich Kelber, spoke before Vogels at the Tech Summit and voiced his concerns about American cloud storage providers, stating that they...

Read More
RackSpace Named Leader in Gartner’s 2019 Magic Quadrant for Public Cloud Infrastructure Professional and Managed Services
Mar13

RackSpace Named Leader in Gartner’s 2019 Magic Quadrant for Public Cloud Infrastructure Professional and Managed Services

Rackspace has been named a leader in Gartner’s 2019 Magic Quadrant for Public Cloud Infrastructure Professional and Managed Services, Worldwide, achieving the second highest score for ability to execute out of 19 companies in the Magic Quadrant assessment. This is the third consecutive year that the company has been positioned in the leader’s quadrant. The Magic Quadrants are graphical representations of companies based on the completeness of their vision and their ability to execute that vision. High scores in both areas see companies named as a Leader in the field. Low scores in both see firms categorized as Niche Players, a high score for completeness of vision and a low score for ability to execute sees firms classed as Visionaries, and a high score for ability to execute and a low score for completeness of vision sees them categorized as Challengers. The high score for completeness of vision is due to Rackspace constantly assessing the requirements of its customers and developing new services to meet those needs. The company develops comprehensive IT roadmaps, guidance on...

Read More
TrueVault Releases New Solution to Automate GDPR Management
Mar04

TrueVault Releases New Solution to Automate GDPR Management

TrueVault Atlas is a new solution that has been developed to help organizations manage and automate daily GDPR tasks to ease the GDPR compliance burden. The EU’s General Data Protection Regulation (GDPR) introduced a wide range of requirements to improve privacy and security of the ‘personal data’ of citizens of the European Union and European Economic Area. GDPR applies to all entities that collect or process the personal data of EU citizens, not only those based in the EU. GDPR afforded certain rights to EU citizens to give them greater control over their personal data, such as the right to see what data has been collected on them and the right to stop the processing of all of their personal data and have that information erased. Compliance with GDPR comes with a significant administrative burden, which TrueVault’s new solution, TrueVault Atlas, was developed to ease by automating the management of personal data and data access/erasure requests. TrueVault Atlas creates an inventory of all GDPR-covered personal data across an organization’s internal and third-party systems –...

Read More
Liquid Web’s Managed Dedicated Servers Upgraded with Intel Xeon Scalable Processors
Feb08

Liquid Web’s Managed Dedicated Servers Upgraded with Intel Xeon Scalable Processors

The Lansing, MI-based managed hosting company Liquid Web has announced it has completed an upgrade of its Dedicated Servers, which now feature the latest Intel Xeon Scalable processors. The technology upgrades have seen the latest Intel Xeon E3-1230 v6, Intel Xeon Silver 4108, and Intel Xeon Gold 6130 processors implemented, which will help to ensure customers that have signed up to its Managed Dedicated Server offerings benefit from enhanced speed, greater reliability, and improved security. “This new Intel Xeon Scalable technology provides workload-optimized performance, improved hardware security, and serious processing power that our customers require for their mission-critical sites, applications, and databases,” explained Melanie Purkis, Liquid Web’s Director of Managed Hosting Products. The Dedicated Servers include DDoS protection, advanced security, and a built-in backup disk as standard. The servers are housed in Liquid Web’s wholly-owned data centers, which are staffed round the clock by highly skilled engineers who provide 24/7/365 support by phone or online chat....

Read More
Online Tech Acquired by Schurz Communications Inc.
Feb06

Online Tech Acquired by Schurz Communications Inc.

The Ann Arbor, MI-based HIPAA-compliant hybrid cloud provider, Online Tech, has been acquired by Mishawaka, IN-based Schurz Communications Inc. Schurz Communications is primarily an information company which owns three broadband companies, and has newspaper and digital media operations that produce 11 daily newspapers and 7 weeklies along with a range of niche publications. Online Tech is a leading cloud provider that also offers colocation, data protection, and data recovery services. Online Tech has been in business for around 25 years and currently serves almost 500 clients, predominantly in the Midwest. The company has seven data centers and offers a range of managed services, including disaster recovery-as-a-service, data protection-as-a-service, and managed Microsoft Azure deployments. The firm provides enterprise-class infrastructure to mid-market companies and has a strong focus on security and compliance and was one of the first companies to offer a HIPAA-compliant cloud platform to healthcare organizations. The independent merchant banking and advisory firm, Moorgate...

Read More
Connectria Announces New Partnership with Spinnaker Support
Feb01

Connectria Announces New Partnership with Spinnaker Support

partnership with Spinnaker Support, a leading provider of SAP and Oracle third-party support. Connectria provides cloud hosting and production-ready solutions for the cloud including Windows, Linux, IBM i, IBM AIX, Office 365, clouds running VMware or Hyper-V, HIPAA-compliant cloud solutions, and managed public AWS and Azure clouds. Spinnaker Support is a leading provider of support and maintenance for SAP/Oracle alongside application managed services, technology managed services, and consulting services. The company is one of the leading global providers of support for SAP/Oracle and helps customers save money on their annual maintenance fees. The two companies formed a new strategic partnership to cater to the growing number of organizations that are migrating their on-premise applications to the cloud. “Our services enable cloud migration by providing savings that can fund cloud initiatives, more time to choose the best migration strategy, and software support skillsets required today while organizations re-tool their staffs for tomorrow,” said Kurt Moydell, Senior Vice...

Read More
Liquid Web Announces New Partnership with VMware
Jan30

Liquid Web Announces New Partnership with VMware

Liquid Web, the Lansing, MI-based managed hosting and managed application service provider, has formed a new partnership with VMware and has launched a new VMware and NetApp powered managed private cloud to its customers. Many SMBs want the flexibility, scalability, and fast provisioning offered by public clouds, but the security, performance, and high availability that comes with a private cloud, which is necessary in highly regulated industries such as healthcare for mission-critical applications, disaster recovery, and compliance. Liquid Web’s VMware Private Cloud gives them the advantages of both. The new managed private cloud offering allows customers to provision multiple virtual machines through a single cluster of physical servers which support both Windows and Linux VMs that can be run concurrently on the same hardware. “Today’s customers are not only looking for security and flexibility with a private cloud but also the management that frees them up to focus on their business,” said Melanie Purkis, Liquid Web’s Director of Managed Hosting Products. “Managed hosting and...

Read More
iland Secure Cloud Console Receives a Major Upgrade
Jan25

iland Secure Cloud Console Receives a Major Upgrade

The secure cloud service provider iland has announced its Secure Cloud Console has received a major upgrade and now includes full integration with Veeam data protection solutions. iland is a two-time winner of a Veeam Innovation Award (2018/2019), was Veeam Impact Cloud & Service Provider Partner of the Year for North America in 2015 and 2017, and is currently the only cloud service provider to offer integration with the full suite of Veeam solutions through a single management console. Following the release of Veeam Availability Suite 9.5 Update 4, iland customers can manage, monitor, and report on cloud backups, disaster recovery services, and long-term data archiving through a single pane of glass. The Veeam integration is only part of an extensive number of updates to the Secure Cloud Console. iland has also improved visibility of historical usage, performance, and billing, and together with full self-service management capabilities, customers can configure and automate disaster recovery, thoroughly self-test disaster recovery strategies and failover, and request additional...

Read More
Connectria Launches New Services Bringing IBM I and AIX to AWS and Azure
Jan22

Connectria Launches New Services Bringing IBM I and AIX to AWS and Azure

The St. Louis-MO-based cloud services provider Connectria has launched four new services to help businesses running IBM i and AIX workloads to quickly and safely move to the cloud and run workloads on Amazon Web Services (AWS) and Microsoft Azure. Connectria already provides businesses running IBM Power Systems with industry-leading IBM i Cloud and IBM AIX Cloud services, but the new services will allow them to safely move all their data center workloads to the cloud, including their legacy applications. The new services have been created to make it as easy as possible for businesses to safely and securely migrate to the cloud. The new services – IBM i For AWS, IBM AIX For AWS, IBM i For Azure, & IBM AIX For Azure – include full data migration and planning services, risk mitigation, and comprehensive managed services and security to ensure reliability and security for customers’ cloud environments. “Our customers want the flexibility to run the right workloads in the right clouds, but without sacrificing security, compliance, performance, or costs.  Our new solutions make...

Read More
Online Tech Acquires Neverfail Cloud Assets, Infrastructure, and Cloud Nodes
Dec08

Online Tech Acquires Neverfail Cloud Assets, Infrastructure, and Cloud Nodes

Online Tech, a provider of HIPAA-compliant hybrid and multi-cloud solutions, has officially acquired the IaaS, data protection assets, and cloud nodes of the Austin, TX-based IT services provider Neverfail for an undisclosed sum. The deal has seen Online Tech significantly expand its global footprint and now offer additional cloud nodes in Texas, Nevada, Virginia, the United Kingdom, and Australia. The additional assets will help Online Tech better serve direct customers while its channel program has been developed further and is expected to bring in tens of thousands of new end users. The enhanced channel program includes a partner-centric private cloud, dedicated sales and marketing resources, products that have been custom-built to meet the needs of partners, and a zero-conflict channel promise. Online Tech was already offering multi-cloud solutions, colocation services, data protection, and a range of compliance, security, and managed services to its customers. The acquisition has allowed Online Tech to expand its services further to include several additional products such as...

Read More
Atlantic.Net Partnership with Veeam Enhances Data Availability
Dec06

Atlantic.Net Partnership with Veeam Enhances Data Availability

Atlantic.Net, the leading provider of HIPAA-compliant hosting to the healthcare industry, has announced it has entered into a new partnership with Veeam Software. Veeam specializes in providing Intelligent Data Management for the Hyper-Available Enterprise. Businesses are now heavily reliant on data. Without access to critical data, businesses grind to a halt. Even in the event of a natural disaster or cyberattack, systems must be rapidly brought back online, applications restarted, and all data recovered in the shortest possible time frame. Through the new partnership, Atlantic.Net customers will have access to Veeam-powered data protection and data recovery and availability solutions, which can be easily integrated into their business and disaster recovery strategies. The Veeam Availability Suite ensures hyper-availability for all workloads, whether virtual or physical, and all are managed through a single management console. In the event of disaster. Veeam combines replication and backup in a single solution and ensures applications and data can always be recovered. “In addition...

Read More
Atlantic.Net Awarded TMC 2018 Cloud Computing Security Excellence Award
Oct18

Atlantic.Net Awarded TMC 2018 Cloud Computing Security Excellence Award

Atlantic.Net, a leading provider of HIPAA-compliant hosting solutions and associated managed services, has been honored in this year’s TMC’s 2018 Cloud Computing Security Excellence Awards. TMC is an integrated media company that helps global buyers make the right purchasing decisions through the company’s content-driven marketplaces, education efforts, and live events. Each year, TMC recognizes the leading cloud computing companies and issues Excellence Awards to companies that have gone the extra mile and developed cutting edge cloud security services and solutions that offer exceptional protection from an ever-growing number of cybersecurity threats. “Today, the Internet is challenged by an ever-growing number of cyber security threats – including viruses, malware, DDoS, ransomware and more,” said Marty Puranik, CEO of Atlantic.Net.  “Here at Atlantic.Net we pride ourselves on keeping our clients’ data and infrastructure protected to help ensure privacy, security, and compliance.” In addition to its HIPAA-compliant hosting and HIPAA data storage services for the healthcare...

Read More
Atlantic.Net Included in November 2017 Market Guide for Cloud Service Providers to Healthcare Delivery Organizations
Oct06

Atlantic.Net Included in November 2017 Market Guide for Cloud Service Providers to Healthcare Delivery Organizations

HIPAA-compliant hosting company Atlantic.Net has been recognized by Gartner in its November 2017 Market Guide for Cloud Service Providers to Healthcare Delivery Organizations. The Market Guide is produced by Gartner Research to help CIOs at Healthcare Delivery Organizations gain a better understanding of the rapidly evolving cloud market and helps them identify notable cloud vendors. The Market Guide explains how the cloud is now a well-established option for healthcare delivery organizations, what security solutions are required for HIPAA compliance, and the key cloud services that will help make the organization’s cloud journey a success. Atlantic.Net is an Orlando, FL-based provider of HIPAA-compliant hosting, cloud hosting, and managed cloud services to the healthcare industry. Established in 1994, the company has grown into a market leader with state-of-the-art data centers throughout the United States and beyond. Atlantic.Net has recently just opened its 7th U.S. data center in Ashburn, VA, through which the full range of cloud and hosting services are now being provided....

Read More
Atlantic.Net Launches VMware-Based Private Cloud Hosting Platform
Aug12

Atlantic.Net Launches VMware-Based Private Cloud Hosting Platform

Atlantic.Net has announced a new collaboration with the enterprise cloud computing and virtualization software giant VMware. VMware is the name behind the software that powers the digital infrastructure of millions of businesses around the world, from SMBs to large enterprises and many Fortune 500 firms. Atlantic.Net is a market-leading hosting provider that specializes in HIPAA-compliant hosting solutions for the healthcare industry and associated managed services. The collaboration has seen Atlantic.Net join the VMware Cloud Provider Program, which will allow the company to deliver a secure, high performance, ultra-flexible VMware-based private cloud hosting platform to its customers. The new platform will bring enterprise-class virtualization technology to the SMBs marketplace, which can be leveraged to improve efficiency and significantly reduce costs. “Now, at Atlantic.Net, we will be able to provide our clients with the ability to choose the best private cloud environment to meet their needs,” said Atlantic.Net Chief Executive Officer and President, Marty Puranik. “Whether...

Read More
Liquid Web Launches Protection & Remediation Services for its Managed Hosting Solutions
Aug12

Liquid Web Launches Protection & Remediation Services for its Managed Hosting Solutions

Lansing, MI-based managed hosting and managed application services provider Liquid Web has launched new Protection & Remediation Services for its Managed Hosting solutions to better protect customers from cyberattacks and help them achieve their compliance objectives. Cybersecurity is now a major concern for businesses given the increase in attacks and the high cost of remediating security incidents and data breaches. When cyberattacks succeed, identifying a breach typically takes 200 days or more. During the time that systems are compromised, sensitive data can be stolen and significant damaged can be caused. Liquid Web’s new Protection & Remediation Services have the dual purpose of hardening server and application-level defenses to make it more difficult for cyberattacks to succeed and also ensure that if defenses are breached, the attacks are identified and remediated rapidly. Liquid Web achieves this through the use of a range of preventative security tools such as web application firewalls, antivirus protection, and vulnerability scanning. These measures ensure...

Read More
Is the Google Cloud Platform HIPAA Compliant?
Jul31

Is the Google Cloud Platform HIPAA Compliant?

Is the Google Cloud Platform HIPAA compliant?  Is the Google Cloud Platform a suitable alternative to Azure and AWS for cloud hosting for healthcare organizations? In this post we determine whether the Google Cloud platform is HIPAA compliant and if it can be used by healthcare organizations to build applications, host infrastructure, and store files containing protected health information. Healthcare organizations are increasingly taking advantage of cloud platforms. The healthcare cloud computing market was valued at $4.65 billion in 2016 and is expected to increase to more than $14.76 billion by 2022. Amazon AWS is still the leading platform with a market share of 62% according to KeyBlanc, with Microsoft Azure second on 20%, but Google is gaining ground, with a market share of around 12%. Amazon and Microsoft both offering platforms that support HIPAA compliance, but what about Google? Is the Google Cloud Platform HIPAA compliant? Will Google Sign a Business Associate Agreement Covering its Cloud Platform? Since the Omnibus Rule came into effect in September 2013, Google has...

Read More
Atlantic.Net Wins 2018 MedTech Breakthrough Award
Jul19

Atlantic.Net Wins 2018 MedTech Breakthrough Award

The MedTech Breakthrough Awards celebrate the companies and individuals in the health, fitness, and medical technology industries that are providing the best digital health and medical technology products and services for the global health and medical market. This year, more than 3,000 nominations for a prestigious MedTech Breakthrough Award were received. Nominees came from 12 countries and included some of the biggest names in healthcare technology, such as Philips, GE Healthcare, Abbott, Azalea Health, and WebMD. To be selected as an award winners with such strong competition demonstrates that a company has gone the extra mile and has developed cutting edge healthcare technology solutions that are much loved by users. The awards reflect the hard work, commitment, innovation, and successes of companies and individuals working across a range of health and medical technologies from robotics to cloud data storage. Awards are issued to individuals, products, services and companies in the categories of clinical and health administration, patient engagement, electronic health records,...

Read More
Atlantic.Net Opens New Northern Virginia Data Center Hosting Facility
Jul17

Atlantic.Net Opens New Northern Virginia Data Center Hosting Facility

Atlantic.Net has announced its new HIPAA data center hosting facility in Northern Virginia is now up and running and the company is now providing the full range of hosting services and solutions through the new facility. In response to demand for its cloud and managed services, Atlantic.Net has invested significant resources to improve its infrastructure and has embarked upon a major expansion of its data center footprint. The new Ashburn, VA data center is one in a string of new facilities that have been set up to meet the needs of the company’s rapidly growing client list. The Ashburn facility is located in Northern Virginia close to Washington D.C., and has historically been a hotbed of innovation. The new facility is protected by 24/7 manned security, state-of-the-art-security systems, biometric access controls, 2N generator power capacity, a N+2 cooling system, and the facility has been audited and has demonstrated compliance with HIPAA, HITECH, and SSAE 18 SOC1 and SOC2. The new data center joins those in New York, Dallas, Toronto, San Francisco, London, and Orlando. The...

Read More
Online Tech Audit Confirms its Data Centers and HQ are Compliant with ISO 27001
Jun30

Online Tech Audit Confirms its Data Centers and HQ are Compliant with ISO 27001

Online Tech has announced that following a five-month process of audits by NSF International, all five data centers and its Ann Arbor, MI headquarters have been confirmed as compliant with ISO 27001. ISO 27001 sets rigorous standards for Information Security Management System (ISMS) to ensure all sensitive information is properly managed and remains secure at all times. ISO 27001 covers the implementation of the ISMS, its maintenance, and policies and procedures to ensure continuous improvements are made and high standards are maintained. ISO 27001 sets standards assessing risk, which are tailored to each organization, and in-depth risk management processes are required covering people, processes, as well as IT systems. Those risks must be managed and reduced to a low and acceptable level. In order to pass the audits and be certified as compliant, Online Tech’s ISMS was required to meet the minimum standards across 14 specific controls, which the company did without any exceptions or corrective actions at all 5 data centers and headquarters. Those controls include the information...

Read More
Is Rackspace HIPAA Compliant?
Jun21

Is Rackspace HIPAA Compliant?

The Windcrest, TX-based managed cloud computing company Rackspace offers public cloud and email hosting services, but can they be used by HIPAA-covered entities without violating HIPAA Rules? Is Rackspace HIPAA compliant? Will Rackspace Sign a Business Associate Agreement with HIPAA Covered Entities? Rackspace is aware that by allowing healthcare organizations to use its services, the company is classed as a HIPAA business associate and must agree to comply with the HIPAA Privacy and Security Rules. Rackspace has obtained HITRUST and HITRUST CSF certifications which demonstrate the company meets the data and privacy security standards demanded by HIPAA for managed public, private, and hybrid cloud environments. The company uses extended SSL encryption and meets PCR DSS data security requirements. The company provides assistance to healthcare companies to help them use its services and comply with HIPAA Rules and develop an approach that satisfies HIPAA Rules and meets their business needs. Rackspace will also sign a business associate agreement for its dedicated hosting services,...

Read More
Secure Block Storage (SBS) Now Available for Atlantic.Net Cloud Servers
Jun14

Secure Block Storage (SBS) Now Available for Atlantic.Net Cloud Servers

Atlantic.Net, a leading provider of hosting and hosting services to the healthcare industry, has announced the release of Secure Block Storage (SBS) for its cloud servers. The new feature allows Atlantic.Net customers to attach additional storage drives to their cloud servers and easily scale their workloads. SMS allows customers to increase storage on the fly and move data between cloud servers. For total security, data is automatically encrypted at rest and SMS has been designed to provide 99.999% availability. To protect against data loss due to component failure, volumes are automatically replicated multiple times to ensure data can always be recovered. SBS has been developed to be highly scalable, highly redundant, easily accessible, and easy to use. SBS can be used for file, application, database, or backup storage and is available to all customers on demand. Initially, Atlantic.Net is launching SBS with an initial deal of 50GB of SMB free for one year and a rate of 7.9 cents per additional GB per month. “Here at Atlantic.Net, we remain steadfast in our commitment to...

Read More
Connectria Named in CRN 2018 Solution Provider 500 List
Jun10

Connectria Named in CRN 2018 Solution Provider 500 List

The St. Louis-MO-based cloud services provider Connectria has been named in the CRN® 2018 Solution Provider 500 list. CRN is a brand name of The Channel Company and produces an annual list of the largest tech integrators, solution providers, and IT consultants in North America. CRN has been producing the annual list since 1995, which ranks companies by revenue. The list serves as an industry standard for recognition of the most successful provider companies in the channel and helps businesses select the best companies to do business with. The total revenue generated by companies on list has risen to $320 billion in 2018. The CRN® 2018 Solution Provider 500 list includes 26 companies that have made it on the list for the very first time. This is the seventh consecutive year that Connectria has been included in the list, achieving a position of #351 for 2018, having increased from position #356 in 2017. “We are once again honored to be named to CRN’s Solution Provider list for the seventh year in a row.” said Rich Waidmann, Connectria President and CEO. “For over twenty years,...

Read More
Rackspace Named Leader in Gartner Magic Quadrant for Public Cloud Managed Service Providers
Apr06

Rackspace Named Leader in Gartner Magic Quadrant for Public Cloud Managed Service Providers

Rackspace has been included in the Leader’s Quadrant in Gartner’s 2018 Magic Quadrant for Public Cloud Managed Service Providers, Worldwide. Rackspace was one of 20 public cloud managed service providers assessed for the report, which assesses companies based on their completeness of vision and ability to execute that vision. The report categorizes companies as niche players, contenders, visionaries, and leaders. Companies in the Leaders Quadrant scored highly for both completeness of vision and ability to execute. In this year’s magic Quadrant, only three providers were named as leaders. This is the second consecutive year that Rackspace has been included in the Leaders Quadrant in the Magic Quadrant for Public Cloud Managed Service Providers, Worldwide, which the company puts down to the depth of its portfolio and its expertise in delivering next-generation IT services. “Businesses within every industry are moving to consume IT in a more-agile and cost-efficient manner, as a service, across multiple public and private cloud platforms and technologies. We are constantly adding new...

Read More
Is Liquid Web HIPAA Compliant?
Mar20

Is Liquid Web HIPAA Compliant?

Healthcare organizations searching for a hosting solution may identify Liquid Web as a potential vendor, but is Liquid Web HIPAA compliant? Can its cloud services be used by HIPAA-covered entities for hosting applications and projects that include electronic protected health information? Any healthcare organization that wants to use the cloud to host applications that use the protected health information (PHI) of patients must select a vendor whose service includes safeguards to ensure the confidentiality, integrity, and availability of ePHI that meet the requirements of the HIPAA Security Rule. Cloud service providers, including hosting companies, are classed as business associates since they potentially have access to their clients’ data. While many cloud service providers claim they do not access customers’ data, they are still classed as business associates. HIPAA-covered entities and their business associates must therefore enter into a business associate agreement with the service provider before any ePHI is uploaded to the cloud. Liquid Web Business Associate Agreements...

Read More
Atlantic.Net Achieves SSAE-18  SOC 1 and SOC 2 Certification
Mar15

Atlantic.Net Achieves SSAE-18 SOC 1 and SOC 2 Certification

Atlantic.Net has recently been externally validated per Service Organization Control SSAE 18 SOC 1 and SOC 2 auditing standards and has attained SSAE-18 certification in compliance with AICPA standard principles. Atlantic.Net is one of the first service companies to achieve the certification. To attain certification, Atlantic.Net was audited by the national security and compliance solutions provider, A-Lign. The audit covered organization-wide system controls and how well Atlantic.Net’s controls were designed to achieve the control objectives. The audit also involved tests to determine the operational effectiveness of the controls. The auditor’s report confirmed that Atlantic.net is in full compliance with AICPA Standard Principles and achieved the standard required for certification. “This certification demonstrates the auditor’s confidence in our world class infrastructure, system controls, and our continued mission to deliver excellence to our clients,” said Marty Puranik, CEO of Atlantic.Net. “Authenticating these processes to ensure our clients are provided with consistent,...

Read More
Microsoft Gold Status of Cloud Platform Competency Achieved by Connectria
Feb08

Microsoft Gold Status of Cloud Platform Competency Achieved by Connectria

Connectria has announced it has achieved Microsoft’s Gold Status for Cloud Platform Competency for its expertise and use of Microsoft Azure. The Microsoft Cloud Platform Competency was designed for Microsoft Partners to help them capitalize on the increasing demand for infrastructure as-a-service and software as-a-service running in Microsoft Azure cloud environments. Achieving a Gold or Silver standard helps companies differentiate their services within the Microsoft Partner ecosystem and demonstrate to their customers they have considerable expertise in running IaaS and SaaS on Azure. The Microsoft Cloud Platform Competency is awarded to companies that have demonstrated expertise in Microsoft Azure environments, with the Gold status awarded to companies who have completed rigorous Microsoft Technical Assessments and are maintaining a certain level of core Microsoft Certified Professionals on staff. Companies must also show they have applied that expertise to help their customers and must submit customer references to demonstrate past successes on Microsoft Azure. In order to...

Read More
Allscripts Ransomware Attack Impacts Cloud EHR and EPCS Services
Jan22

Allscripts Ransomware Attack Impacts Cloud EHR and EPCS Services

An Allscripts ransomware attack occurred on Thursday January 18, resulting in several of the firm’s applications being taken offline, including its cloud EHR and electronic prescriptions platform. The attack came just a few days after two Indiana hospitals experienced SamSam ransomware attacks. The Allscripts ransomware attack is also believed to have involved a variant of SamSam ransmware – a ransomware family extensively used in attacks on healthcare providers. Allscripts is a popular electronic health record (EHR) system and Electronic Prescriptions for Controlled Substances (EPCS) provider, with its platform used by many U.S healthcare organizations, including 2,500 hospitals and 19,000 post-acute care organizations. More than 180,000 physicians, 100,000 electronic prescribing physicians, and 40,000 in-home clinicians use Allscripts. The Allscripts ransomware attack commenced in the early hours of Thursday morning. Rapid action was taken to remove the ransomware and restore data, with the incident response teams at Microsoft and Cisco called in to assist. An investigation...

Read More
Liquid Web Confirmed as Meeting HIPAA and HITECH Act Requirements
Nov10

Liquid Web Confirmed as Meeting HIPAA and HITECH Act Requirements

Liquid Web, a provider of managed hosting services to web professionals and SMBs, has undergone a third-party audit and has demonstrated its dedicated and cloud dedicated solutions are compliant with Health Insurance Portability and Accountability Act (HIPAA) Rules and Health Information Technology for Economic and Clinical Health (HITECH) Act requirements. The audit was performed by the independent accounting firm UHY LLP, which validated Liquid Web’s dedicated and cloud dedicated solutions and its policies, procedures, and practices as meeting the minimum standards outlined in the Privacy and Security Rules of HIPAA and the requirements of the HITECH Act. Liquid Web has implemented administrative, physical, and technical safeguards to ensure the confidentiality, integrity, and availability of electronic protected health information (ePHI) that is collected, stored, processed, or transmitted by its healthcare clients through its cloud solutions. As a cloud service provider, Liquid Web is classed as a business associate under HIPAA. Business associates of HIPAA-covered entities...

Read More
53% of Businesses Have Misconfigured Secure Cloud Storage Services
Oct09

53% of Businesses Have Misconfigured Secure Cloud Storage Services

The healthcare industry has embraced the cloud. Many healthcare organizations now use secure cloud storage services to host web applications or store files containing electronic protected health information (ePHI). However, just because secure cloud storage services are used, it does not mean data breaches will not occur, and neither does it guarantee compliance with HIPAA. Misconfigured secure cloud storage services are leaking sensitive data and many organizations are unaware sensitive information is exposed. A Business Associate Agreement Does Not Guarantee HIPAA Compliance Prior to using any cloud storage service, HIPAA-covered entities must obtain a signed business associate agreement from their service providers. Obtaining a signed, HIPAA-compliant business associate agreement prior to the uploading any ePHI to the cloud is an important element of HIPAA compliance, but a BAA alone will not guarantee compliance. ePHI can easily be exposed if cloud storage services are not configured correctly. As Microsoft explains, “By offering a BAA, Microsoft helps support your HIPAA...

Read More
HITRUST/AMA Launch Initiative to Help Small Healthcare Providers with HIPAA Compliance
Sep27

HITRUST/AMA Launch Initiative to Help Small Healthcare Providers with HIPAA Compliance

HITRUST has announced it has partnered with the American Medical Association (AMA) for a new initiative that will help small healthcare providers with HIPAA compliance, cybersecurity, and cyber risk management. Small healthcare providers can be particularly vulnerable to cyberattacks, as they typically lack the resources to devote to cybersecurity and do not tend to have the budgets available to hire skilled cybersecurity staff. This week has underscored the need for small practices to improve their cybersecurity defenses, with the announcement of two cyberattacks on small healthcare providers by the hacking group TheDarkOverlord. Recent ransomware attacks have also shown that healthcare organizations of all sizes are likely to be attacked. Organizations of all sizes must practice good cyber hygiene and have the right defenses in place to improve resilience against ever changing cyber threats. HITRUST and AMA will be hosting 2-hour workshops where physicians and other healthcare staff will be educated on key areas of risk management, HIPAA compliance, and cybersecurity, with the...

Read More
Atlantic.Net Cloud Platform Automatically Encrypts Data At Rest
Aug30

Atlantic.Net Cloud Platform Automatically Encrypts Data At Rest

Healthcare organizations looking to use the cloud for storing ePHI or hosting applications that interact with ePHI require world-class hosting services with top grade security. To further meet the needs of healthcare clients, Atlantic.Net has implemented a cloud platform that automatically encrypts all customer data at rest for maximum protection against unauthorized data access. World-class encryption mechanisms are used to encrypt data at the storage layer. For ease of use, the encryption takes place in a transparent manner and requires no configuration to reduce the potential for user error. The default encryption setting is part of Atlantic.Net’s ongoing efforts to ensure the privacy of all customer data. Atlantic.Net believes customer privacy is paramount, and a security setting as important as encryption should not be an optional or add-on feature. Encryption is provided to all customers free of charge. Prior to being written to disk, all data is encrypted using the Advanced Encryption Standard 256-bit (AES-256) cipher. AES256 is the only cipher approved by the NSA for...

Read More
Is Dropbox HIPAA Compliant?
Jul14

Is Dropbox HIPAA Compliant?

Healthcare organizations can benefit from using Dropbox, but is Dropbox HIPAA compliant? Can the service be used to store and share protected health information? Is Dropbox HIPAA Compliant? Dropbox is a popular file hosting service used by many organizations to share files, but what about protected health information? Is Dropbox HIPAA compliant? Dropbox claims it now supports HIPAA and HITECH Act compliance but that does not mean Dropbox is HIPAA compliant. No software or file sharing platform can be HIPAA compliant as it depends on how the software or platform is used. That said, healthcare organizations can use Dropbox to share or store files containing protected health information without violating HIPAA Rules. The Health Insurance Portability and Accountability Act requires covered entities to enter into a business associate agreement (BAA) with an entity before any protected health information (PHI) is shared. Dropbox is classed as a business associate so a BAA is required. Dropbox will sign a business associate agreement with HIPAA-covered entities. To avoid a HIPAA...

Read More
OCR Draws Attention to Risks from File Sharing Tools and Cloud Computing
Jul03

OCR Draws Attention to Risks from File Sharing Tools and Cloud Computing

File sharing and collaboration tools offer many benefits to HIPAA-covered entities, although the tools can also introduce risks to the privacy and security of electronic health information.  Many companies use these tools, including healthcare organizations, yet they can easily lead to the exposure or disclosure of sensitive data. The Department of Health and Human Services’ Office for Civil Rights has recently issued a reminder to covered entities and business associates of the potential risks associated with file sharing and collaboration tools, explaining the risks these services can introduce and how covered entities can use these services and remain in compliance with HIPAA Rules. While file sharing tools and cloud computing services may incorporate all the necessary protections to ensure data is secured and cannot be accessed by unauthorized individuals, over the past few years there have been numerous cases where human error has resulted in misconfigurations. Those errors have led to data breaches. A Metalogix survey conducted by the Ponemon Institute revealed that one in...

Read More
Forrester Research Names Rackspace Leader for Hosted Private Cloud Services
Jun25

Forrester Research Names Rackspace Leader for Hosted Private Cloud Services

Forrester Research Inc. has named Rackspace a leader for hosted private cloud services in its Forrester Wave™: Hosted Private Cloud Services, North America Q2, 2017 report. The Forrester Wave™ reports serve as a guide for buyers considering their options in the technology marketplace. The market research company provides insights into the major players in the software, hardware, and services market to save buyers months of time conducting their own research into the best solutions, hardware and services to purchase. Nine cloud services providers were assessed for the Hosted Private Cloud Services Report across 33 criteria, such as strategy, market presence, and current offering. Rackspace’s OpenStack Private Cloud Offering achieved the highest marks out of all vendors for strategy and automation capabilities, achieving the highest possible score in three of the 8 criteria used to assess strategy. Rackspace also achieved the second highest score for market approach, business technology vision, service level agreements, and storage and contract agreements. Forrester researchers...

Read More
Palo Alto Networks Launches New Cloud-Based Security Service for Mobile Users
Jun14

Palo Alto Networks Launches New Cloud-Based Security Service for Mobile Users

Palo Alto Networks has launched a new cloud-based security service that can be used to protect remote locations and users of mobile devices via the Palo Alto Networks Next-Generation Security Platform and apply security controls such as URL Filtering and Threat Prevention. Many businesses operate across multiple locations and have a highly distributed workforce. The new Palo Alto Networks GlobalProtect cloud service makes it easier for businesses to secure remote networks and protect mobile users without backhauling traffic to the corporate network or using multiple point products. The new Palo Alto Networks GlobalProtect cloud service protects all employees via the Palo Alto Networks Next-Generation Security Platform, regardless of where they are located. The GlobalProtect cloud service allows administrators to easily add new locations and mobile workers and implement and update security policies as required. The service is always on and kept up to date and helps organizations ensure consistent security for the entire organization, regardless of location or the devices used. With...

Read More
Healthcare Providers Are Wasting Millions on Cloud Hosting
Apr12

Healthcare Providers Are Wasting Millions on Cloud Hosting

A study by Communications for Research showed that healthcare organizations are now spending $40 billion a year on IT programs, while MarketsandMarkets research indicates $3.73 billion of that budget is spent on cloud services. By 2020, cloud spending is expected to triple and reach $9.5 billion. MedGadget healthcare market research suggests there will be a 21.95 percent CAGR for spending on cloud computing by the healthcare industry by 2019. More and more healthcare organizations are seeing the benefits that can be gained from switching to cloud computing, especially as a way of reducing IT spending. The public cloud is elastic and capacity can be increased or decreased on demand, but the reality is most organizations use of the cloud involves considerable wastage. Organizations are paying for the public cloud and are ensuring their instances have sufficient capacity, yet for a lot of the time much of the capacity that is paid for is redundant. The 2017 Rightscale State of the Cloud Report suggests 46% of enterprises are carefully monitoring cloud use and are rightsizing their...

Read More
Atlantic.Net Customers Enjoy 100x Speed Boost with New SSD Cloud VPS Hosting Platform
Mar18

Atlantic.Net Customers Enjoy 100x Speed Boost with New SSD Cloud VPS Hosting Platform

Atlantic.Net has announced its new SSD Cloud VPS Hosting Platform has now been made available to new and existing customers. Atlantic.Net’s world-class cloud VPS hosting solutions are a popular choice with SMBs and the company has been enjoying sustained growth, particularly in the healthcare and e-commerce sectors. Customers also now have increasing performance requirements and need greater speeds and faster data access. In order to continue to meet customers’ needs, Atlantic.Net invested significantly in new hardware and has now implemented the new solid state drives for its VPS hosting platform. The upgrade is likely to be noticed by existing customers. The new enterprise Solid State Drives are a significant advance on the previous storage hardware and are capable of 100x faster read and write speeds. Customers are most likely to notice the difference in their start up times, which will be considerably faster, and there will be noticeable improvements due to the enhancements to random access time, data transfer rate, and read performance. “Our customer’s ever increasing...

Read More
Multi-Factor Authentication Capability Added to TrueVault Management Console
Mar15

Multi-Factor Authentication Capability Added to TrueVault Management Console

TrueVault, a provider of a HIPAA-compliant cloud storage platform for personally identifiable information, has announced that multi-factor authentication has now been added to the TrueVault Management Console. The TrueVault platform was developed specifically to store personally identifiable information (PII) and protected health information (PHI) to ease the compliance burden on healthcare organizations that are developing cloud-based applications. Rather than having to build HIPAA Security Rule safeguards into their own applications to ensure PII/PHI is protected, TrueVault assumes that responsibility, allowing customers to concentrate on developing the core features of their applications. HIPAA-compliant cloud resources incorporate the necessary safeguards to ensure the confidentiality, integrity, and availability of electronic PII/PHI. Those resources require some form of authentication, such as a username and password, to prevent unauthorized access. Through phishing attacks, social engineering techniques, and human error, passwords may be inadvertently disclosed and could...

Read More
Rackspace Achieves HITRUST CSF Certification
Mar01

Rackspace Achieves HITRUST CSF Certification

Rackspace has announced that the company’s Dedicated hosting environment has achieved Health Information Trust (HITRUST) Alliance Common Security Framework (CSF) Certified status The HITRUST CSF incorporates state and federal regulations, standards, and frameworks and uses a risk-based approach to help organizations identify and address risks to regulated data and is the most widely adopted security framework in the healthcare industry in the United States. The Certified status confirms that the Rackspace Dedicated environment meets Health Insurance Portability and Accountability (HIPAA) Act and Health Information Technology for Economic and Clinical Health (HITECH) Act requirements for securing protected health information (PHI). The certification confirms the policies, procedures, and practices governing offerings within the Rackspace Dedicated environment, including its Dedicated Servers, storage, databases, managed virtualization, and networking solutions, meet HIPAA/HITECH Act requirements, and through the Rackspace Dedicated environment, healthcare organizations can mitigate...

Read More
OCR Warns Covered Entities of Risk of DDoS Attacks
Dec08

OCR Warns Covered Entities of Risk of DDoS Attacks

There has been a surge in Distributed Denial of Service (DDoS) and Denial of Service (DOS) attacks over the past few weeks. The attacks involve flooding systems with information and requests to cause those systems to crash. The attacks have resulted in large sections of the Internet being taken offline, email systems have crashed, and other computer equipment taken out of action. DDoS attacks on healthcare organizations could prevent patients from accessing web services such as patient portals during an attack, but they can also prevent healthcare employees from accessing systems that are critical for healthcare operations. EHRs, payroll systems, or even software-based medical equipment such as drug infusion pumps and MRIs can potentially be taken out of action. Not only do DDoS attacks prevent these systems from being accessed, they can also result in substantial hardware damage and the cost of repair can be considerable. The scale of the recent attacks has been astonishing. Whereas last year, DDoS attacks of the order of 300 Gbps something of a rarity, this year we have seen...

Read More
69% of IT Security Pros Concerned About Unauthorized Cloud Data Access
Nov17

69% of IT Security Pros Concerned About Unauthorized Cloud Data Access

The adoption of cloud services continues to increase, with 68% of organizations now using at least one cloud service, up from 43% last year. However, the security of data stored in the cloud is still a major concern, according to the second annual Cloud Security Report from Netwrix. For the global Cloud Security Report, Netwrix surveyed 660 companies spread across more than 30 industries. The research shows that while cloud service providers are committing more resources to protecting their infrastructure and customers’ data, they are struggling to convince IT security professionals that adequate protections have been put in place. 7 out of 10 organizations expressed concern about the privacy and security of cloud technology and fewer than half of organizations (44%) that use cloud services believed adequate protections had been implemented by their cloud service providers. The biggest concern was unauthorized data access by employees and third parties. 69% of respondents expressed concern about unauthorized access. The other two main concerns were malware and Denial of Service...

Read More
Managed Security and Compliance Assistance Service Launched by Rackspace
Oct01

Managed Security and Compliance Assistance Service Launched by Rackspace

Rackspace has launched a new Managed Security and Compliance Assistance service to help its customers protect business-critical processes, secure their data, mitigate cybersecurity threats and risks, and achieve their compliance objectives. The new offerings help Rackspace develop holistic security solutions for its customers and ensure compliance in multi-cloud environments. The new offerings allows customers to benefit from the considerable experience of its security experts and implement multi-cloud security best practices, security monitoring, and threat analysis to ensure their environments are properly secured and resilient to cybersecurity threats. The company provides onboarding consultation and deployment to deliver tailored solutions along with ongoing management of customers’ environments to ensure security threats are rapidly identified and remediated. The service helps customers prevent cyberattacks and reduce the potential impact of a cyberattack, while lowering the total cost of ownership of internal security operations centers and other managed service offerings....

Read More
Extent of Unauthorized Cloud Service Usage by Employees Uncovered
Jun29

Extent of Unauthorized Cloud Service Usage by Employees Uncovered

How many cloud services is your organization using? According to a new report, if the figure is under 928 – the average number of cloud services used by healthcare providers – you may be underestimating the extent to which employees are using the cloud. The data suggest employees are breaching security policies by using cloud services that lack the necessary security controls. If the data collected is representative of the healthcare industry as a whole, HIPAA violations are being committed on a daily, if not hourly basis by healthcare professionals. Benefits of HIPAA-Compliant Cloud Services   There are a number of advantages to be gained from using cloud services. Healthcare providers and other HIPAA-covered entities can cut IT equipment and maintenance costs by hosting data in the cloud. Leveraging cloud services can also improve productivity, and speed up accessing and logging of patient data. A number of healthcare providers have been able to improve patient health outcomes by making use of cloud services. Security Risks Being Taken by Employees   Skyhigh Networks...

Read More
TrueVault Connect Identity Management Solution Launched
May30

TrueVault Connect Identity Management Solution Launched

TrueVault has announced that its new identity management solution, TrueVault Connect, first released to a select group of customers in January 2015, is now available to all TrueVault customers. TrueVault Connect is an identity management solution that allows businesses to easily share sensitive date with third-party applications in a secure manner. The solution allows customers to maintain ownership of their data, while implementing data strategies to allow them to easily and securely acquire, exchange, and retire data through third party apps and retain control over the types of data that can be accessed as well as how connections to data can be achieved. The solution allows standards-based authentication to be built into applications quickly and easily, with minimal engineering time and simplifies data exchanges with third party apps. Through TrueVault Connect it is possible for multiple data sources to share a single, secure data warehouse. The solution is available as a white label product and can be customized to meet the requirements of each customer to maintain a consistent...

Read More
Atlantic.Net Opens NYC Cloud Hosting Center
May04

Atlantic.Net Opens NYC Cloud Hosting Center

Atlantic.Net has continued its expansion by opening a fifth HIPAA cloud data center in New York City (NYC). The NYC data center is now fully operational and the full compliment of Atlantic.Net hosting and cloud hosting services are now being provided through the facility. The company’s infrastructure, owned by Telx, has been growing rapidly in response to increasing demand. The new data center was established to accommodate the growing demand for fast, secure hosting and data storage due to the number of New York startups and the thriving developer communities. Given the target market, it is no surprise that the NYC cloud center has been developed to cater to the needs to the developer community. Atlantic.Net has incorporated developer-friendly features to eliminate unnecessary complexity and ensure the fastest possible deployments. The new features include a host of one-click apps, such as WordPress, Django, LAMP, LEMP, Docker, and Node.js and customers will benefit from superior network speeds. The new data center is located in a seven-story, 179,000 square foot facility in close...

Read More
A-Lign Auditors Confirm Atlantic.Net Hosting Service is HIPAA-Compliant
Apr14

A-Lign Auditors Confirm Atlantic.Net Hosting Service is HIPAA-Compliant

Atlantic.Net has announced it has been verified by a third party as fully compliant with the requirements of the Health Insurance Portability and Accountability Act (HIPAA) Rules and fully meets its responsibilities as a business associate of HIPAA-covered entities. Atlantic.Net has developed a HIPAA-compliant hosting platform for the healthcare industry. The platform incorporates a range of technical safeguards to ensure that its customers’ data remains 100% secure at all times and protected against unauthorized access. To ensure that all provisions of HIPAA had been satisfied, Atlantic.net engaged the third-party, full-service security, assurance, and compliance solutions firm A-lign to conduct a compliance audit to assess Atlantic.Net controls and safeguards against the HIPAA Security Rule. “Our audit finds Atlantic.Net is in full compliance with the relevant controls and meets all HIPAA compliance standards and requirements for physical and environmental controls, and the management oversight of the environment,” said Gene Geiger, Partner, A-lign. The Orlando-based hosting...

Read More
Cloud Security Adoption: Healthcare and Pharmaceutical Lead the Way
Mar31

Cloud Security Adoption: Healthcare and Pharmaceutical Lead the Way

When it comes to Cloud Security adoption, the healthcare and pharmaceutical industries lead the way according to a recent survey by CipherCloud, an industry leading provider of secure cloud services. Both industries are required to implement safeguards – under the Health Insurance Portability and Accountability Act (HIPAA) – to ensure that Protected Health Information is kept private and confidential, which according to the report is the reason why cloud security adoption is so important and uptake has been so high in these industries. Healthcare and pharmaceuticals have been grouped together in the report, and account for 38% of companies which have chosen to store data securely in the cloud. The banking and finance industry is second, accounting for 25% of companies, with telecommunications third (16%) and the Government in fourth spot (9%). HIPAA does not demand that PHI is encrypted while at rest, although data encryption is an addressable area. If covered-organizations decide not to encrypt data, they must document the reasons why, along with the alternative safeguards...

Read More
HIPAA Compliance and the Cloud
Mar13

HIPAA Compliance and the Cloud

The cloud offers many advantages to healthcare providers and other covered entities. It is possible to use cloud services and remain HIPAA compliant; however, it can be a long and arduous process to obtain all the necessary documentation to confirm that is the case, and if you can’t, you could end up violating HIPAA Regulations. The cloud is convenient and flexible. Covered entities (CEs) can use private and secure cloud services which allow a great deal of customization and there are now a wide range of companies offering cloud based services to the healthcare industry; an industry that has traditionally lagged behind others when it comes to adopting new IT technology. However, any CE using the cloud must exercise extreme caution, especially when it comes to moving data to and it. This is an area well covered by HIPAA regulations. Many healthcare providers have ventured into the cloud already and have implemented their own measures to ensure that PHI is secured. Today, a number of providers of cloud services are taking care of this aspect of the business and are offering “HIPAA...

Read More
AIS Network Announces Launch of HIPAA Compliant Secure Cloud Services
Feb16

AIS Network Announces Launch of HIPAA Compliant Secure Cloud Services

AIS Network has announced the launch of a range of managed High Security Private Cloud services which are fully HIPAA-compliant, and have been developed to offer the highest levels of security as required by the healthcare sector. The company’s new range of services is fully compliant with HIPAA, HITECH, PCI and FISMA, and has been developed specifically for highly regulated industries. Many healthcare providers are reluctant to outsource their IT services, in particular if they require contact with highly sensitive data. Outsourcing payment and patient portals and data storage can increase the risk of committing HIPAA-violations. In order for healthcare providers to make the switch to managed cloud services they must be confident that the service provider they choose understands healthcare regulations and can guarantee 100% HIPAA compliance. Few providers are prepared to give such a guarantee. AIS Network provides a solution with a suite of compliant High Security Cloud Services built on the Microsoft Cloud Platform. This ensures easy integration with existing healthcare...

Read More
Outsourcing IT to HIPAA Compliant Data Centers is a Viable Solution
Dec08

Outsourcing IT to HIPAA Compliant Data Centers is a Viable Solution

Healthcare organizations are facing an increasing financial and logistical burden as a result of stricter HIPAA privacy and security rules. Additionally, as the volume of electronic data increases, healthcare organizations must allocate extra resources to their IT departments to ensure that the data is protected and IT systems are made more robust. Most healthcare centers operate with strict budgets and often there are insufficient funds to develop the necessary IT infrastructure to ensure HIPAA compliance; however with audits being conducted by the Office for Civil Rights, doing nothing is not an option. Heavy fines are being issued for each instance of non-compliance found by the OCR which are far in excess of the cost of upgrading current systems. In order to comply with current regulations, healthcare organizations must either invest in their IT departments and upgrade their existing data centers, or if this is not viable, construct new data centers and incorporate the latest technology, hardware and software to ensure the ePHI of patients is properly protected. There is also a...

Read More
Government Conference Highlights Importance of HIPAA Compliance
Sep25

Government Conference Highlights Importance of HIPAA Compliance

This September the Government held the 7th annual conference, Safeguarding Health Information: Building Assurance Through HIPAA Security, in Washington, D.C. The conference was co-hosted by the National Institute of Standards and Technology (NIST), the Office for Civil Rights (OCR) and the Department of Health and Human Services (HHS). One of the main aims of the conference was to highlight the current state of health information management and to explore the use of information technology in healthcare while ensuring Health Insurance Portability and Accountability Act (HIPAA) compliance. Practical advice and strategies were also provided to streamline implementation of the HIPPA Security Rule. The HIPPA Security Rule was introduced to set a standard to protect the privacy and confidentiality of patients’ health information. Healthcare organizations and other HIPAA covered entities are required implement appropriate safeguards to protect electronic health information during storage and transit. Appropriate technical, administrative and physical safeguards must be employed to prevent...

Read More
Cloud Service Providers Must Comply with HIPAA Regulations
Aug20

Cloud Service Providers Must Comply with HIPAA Regulations

The growing data storage demands placed on healthcare organizations require frequent hardware updates and increasing amounts of space dedicated to servers and IT staff must be employed to manage hardware, update software and maintain networks. Many healthcare companies lack the space or resources to securely store data and outsource their data storage to cloud service providers. The recently introduced HIPAA Omnibus Rule – often referred to as the Megarule due to its extensive changes to existing legislation – updates the Health Insurance Portability and Accountability Act (1996) expanding its reach to include business associates of healthcare companies and their subcontractors. In order to do business in the healthcare sector, IT and data storage companies must now comply with HIPAA regulations and sign a business agreement with the healthcare provide for whom they are providing the service. In the case of cloud hosting companies it is clear that HIPAA regulations apply as the companies are required to store Protected Health Information, even if the data is not actually viewed....

Read More
Beware of HIPAA Complaint Cloud Services
May26

Beware of HIPAA Complaint Cloud Services

Gartner, Inc., a Connecticut-based information technology research and advisory firm, has predicted that cloud spending will increase to $150 billion by the end of the year, and that with the increasing costs faced by the healthcare industry, 30% of healthcare organizations will look to the cloud as a way of reducing operating costs and improving efficiency. Under HIPAA regulations, healthcare providers and their Business Associates are permitted to use cloud services, even for activities that require contact with Protected Health Information. Data can be backed up in the cloud, housed in the cloud, and cloud-based software and applications can be developed. Provided of course, that Privacy and Security Rules are adhered to. Care should be taken when choosing “HIPAA Compliant” cloud services, as while products can be compliant with federal regulations, there is no guarantee that this will be the case with any product or service. Regulations do not just cover the service or platform offered, but include administrative requirements, rules on how data is uploaded, downloaded and...

Read More
Cloud Service Providers Must Become HIPAA Compliant
Jul09

Cloud Service Providers Must Become HIPAA Compliant

On 26th March, 2013 the Omnibus Final Rule of the Health Insurance Portability and Accountability Act came into effect, after a long period of amendments and adjustments. The main purpose of the new legislation is to adjust the HIPAA Privacy and Security Rules and breach notification rules, with this major amendment often referred to as “The HIPAA Mega Rule”. The new rules apply to all HIPAA covered entities and the Department of Health and Human Services will be enforcing the rules; its Office for Civil Rights is due to commence a serious of random audits to check for compliance later this year. The new rules apply not only to healthcare organizations but also their business associates. Under the final rule the definition of business associate has also been changed, and now includes any provider of a service that has contact with electronic protected health information (ePHI). Specifically this means any entity that “creates, receives, maintains, or transmits protected health information (PHI) on behalf of a covered entity”, and they must now agree to abide by the HIPAA Omnibus...

Read More