HIPAA HOSTING SOLUTIONS
Hosting your critical data and applications with a provider starts with extreme trust and confidence in your hosting provider’s ability to meet HIPAA compliance requirements.
Hosting-Master.com partners with only the best qualified hosting provider. Liquid Web is a fully compliant HIPAA hosting provider with wholly owned data-center in several states. Partnering with our recommended HIPAA compliant hosting provider can help you dramatically improve and strengthen your chances of passing any HIPAA audit. Our solution comes with all the documents you need to prove to your auditor that you are dealing with an approved hosting provider. You get everything you expect from Liquid Web’s ready-to-go HIPAA Compliant hosting.
What questions should you, as covered entity, ask your HIPAA hosting provider?
According to an article by http://www.onlinetech.com/resources/references/five-questions-to-ask-your-hipaa-hosting-provider
Have you been independently audited against the OCR HIPAA Audit Protocol? You should verify your data center operator and hosting solutions to determine that they are truly HIPAA compliant, they need to be 100% compliant against the latest OCR HIPAA Audit Protocol, as determined by an independent auditor.
What particular IT services meet HIPAA compliant security standards for protecting PHI? Your HIPAA hosting provider should be able to answer this question with specific answers that detail recommended IT services – a private firewall, either virtual or dedicated, with VPN for remote access; data encryption following NIST standards; separate database and web servers for production, etc.
Do you have documented policies and procedures? Make sure you know your hosting provider’s policies when it comes to a data breach – they are required by law as a BA (Business Associate) to notify covered entities in a timely manner, and covered entities are required to notify affected individuals within 10 days. Not following these deadlines and procedures can result in costly lawsuits. If you want to know that these documented policies and procedures are available, call 517-322-0434
Are your employees trained? The recent military healthcare contractor HIPAA violation was attributed to an employee transporting PHI off of government property and leaving backup tapes unattended in the trunk of a car. The HIPAA compliant hosting provider’s employees must be properly trained or completely untrained in the proper security practices, including policies, physical security, logical security, risk response and reporting, passwords/workstation use, data protection and more. If you want to know that the employees of Liquid Web have been adequately trained, call 517-322-0434
Do you have a thorough BAA (Business Associates Agreement) with documented and communicated policies? Under HIPAA’s standards for penalties, the lack of a BAA implies negligence, which may fall under Willful Neglect – fines ranging from $10,000 to $50,000 for each incident and potential criminal charges. Thus, it is important to know that your hosting-provider can prove compliance of having a BAA. The BAA can also be valuable to define how the data is handled after service termination. The reason is that if your hosting provider does not destroy all the records of all the data that was on your server and databases, then you can be fined. If you want to know that Liquid Web has a Business Associates Agreement available, call 517-322-0434.
Have you been HIPAA AUDITED? The person or organization or school that lease a HIPAA Compliant server from a HIPAA Compliant Hosting Provider must meet HIPAA requirements first. So before you order an expensive HIPAA system, you should first verify that you as a business or organization can meet the requirements of the audit you must pass
Bottom Line: BEFORE YOU ORDER:
Here is what our HIPAA hosting data-center, hosted in the Lansing Michigan data-center of LiquidWeb.com who can provide: They will provide you the SOC docs you need to get started! This system is designed to meet the HIPAA requirements demanded by medical, legal and educational clients. Now, you have to do your homework, first.
SINGLE SERVER CONFIGURATION
RECOMMENDED FOR HIPAA COMPLIANT HOSTING
Single Dedicated Server for Web & Database Use
Guardian Continuous Backup Protection
Hardware RAID Configurations
Hot Swappable Disk Chassis
Physically Locked Cabinets
Fully Managed with Heroic Support®
On the page you can choose between Linux or Windows hosting.
You can configure your package to suit your needs.
For the full story: See: http://www.onlinetech.com/resources/references/five-questions-to-ask-your-hipaa-hosting-provider