If you’re thinking about migrating a highly sensitive application to the cloud, consider using HIPAA requirements as a way to vet potential providers.

Federal law requires organizations dealing with private health information to adhere to strict security guidelines defined by the Health Insurance Portability and Accountability Act (HIPAA). Given that HIPAA regulations are an excellent risk-management strategy, non-healthcare companies can use a HIPAA-compliant strategy to protect sensitive information like credit card numbers and private customer information.

HIPAA compliance requires businesses to “maintain reasonable and appropriate administrative, technical, and physical safeguards for protecting e-PHI (Electronic Personal Health Information),” but this could apply to any dataset. At a high level, here’s what you get with HIPAA compliance:

To read this article in full or to leave a comment, please click here