The Health Insurance Portability and Accountability Act was introduced in 1996 to protect and safeguard health information. This Act did revolutionize how organizations handled health information at different stages of its lifecycle. However, like many other sectors, health care organizations have started to adopt the public cloud to host their applications. While the majority of the cloud providers are HIPAA compliant, that does not mean that the application hosted on their platform is compliant with HIPAA regulations. When adopting public cloud services such as Microsoft Azure there are 2 stages of readiness that must be considered so that the applications hosted meet required regulatory standards.

1. Subscription level Considerations:

Security Center: Enable Azure Security center to fully cover all listed services. Although it’s not a free service, the security center provides real-time threat monitoring and alerting for services that are hosted within the Subscription, thus notifying you when there is any suspicious activity within any of the resources. Additionally, it provides regulatory compliance views that highlight controls that need to be remediated.

#azure #healthcare #azure-services #hipaa