The Health Insurance Portability and Accountability Act (HIPAA) of 1996, was enacted by Congress to protect sensitive patient data. HIPAA establishes national standards for how companies should handle sensitive patient data and ensure data confidentiality, availability, and integrity. The act also contains compliance requirements for the security of electronic protected health information (e-PHI) and how patient data is stored. 

Many covered entities do not have the resources to maintain a compliant, onsite data center and rely on outsourcing healthcare data storage to a third-party data center or managed services provider. However, there are many considerations that come into play. Not all data centers are created equal, nor do they have appropriate systems in place for handling sensitive e-PHI. Given the compliance liability extends to these third parties through the HIPAA Omnibus Rule, you’ll want to approach how you outsource your healthcare data storage carefully.

Download our whitepaper guide to receive an in-depth explanation of HIPAA, the “Privacy Rule” & “Security Rule” that govern HIPAA, and the requirements you should look for when outsourcing the storage of e-PHI for your organization.