HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

CloudHealth by VMware Joins the Cloud Security Alliance Security, Trust & Assurance Registry

CloudHealth by VMware has announced it became a Cloud Security Alliance (CSA) Security, Trust & Assurance Registry (STAR) registrant on January 23, 2020.

The Cloud Security Alliance is a not-for-profit organization that promotes the use of best practices to provide security assurance in cloud computing. The CSA has developed a library of online courses to help its 80,000 worldwide members ensure their cloud environments are properly secured. The CSA also hosts many webinars, events, and community discussions as part of its efforts to educate the business community on cloud security.

Cloud service providers can take advantage of the CSA Security, Trust & Assurance Registry Program, which allows them to become certified against industry standards. Cloud customers can use the registry to find cloud companies that meet the level of assurance they need, and to find out more about the measures each vendor has implemented to protect cloud infrastructure and safeguard cloud data.

Cloud service providers that have validated their cloud security offerings and been certified can easily demonstrate to current and future customers that they have implemented a range of controls to ensure security. The program helps cloud service providers establish trust through transparency.

Get The Checklist

Free and Immediate Download
of HIPAA Compliance Checklist

Delivered via email so verify your email address is correct.

Your Privacy Respected

HIPAA Journal Privacy Policy

Cloud customers can use the CSA’s Consensus Assessments Initiative Questionnaire (CAIQ) to determine which security controls have been implemented in IaaS, PaaS, and SaaS offerings and can use the questionnaire to determine compliance to the Cloud Controls Matrix (CCM).

The questions cover security controls in 16 categories, including Application & Interface Security, Audit Assurance & Compliance, Business Continuity Management & Operational Resilience, Data Security & Information Lifecycle Management, Datacenter Security, Governance & Risk Management, Interoperability & Portability, Security Incident Management, E-Discovery, & Cloud Forensics and Threat & Vulnerability Management.

By completing the questionnaire, cloud customers can easily ascertain the security posture of prospective cloud service providers and make an informed decision about which services have the appropriate level of security to meet their needs.

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered on HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has several years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics.