Health Providers Extend Their Embrace of the Cloud


Daniel Gottlieb cautioned healthcare providers on protected health information (PHI) security when using cloud-based data systems, noting that even applications seemingly removed from direct patient care could trigger HIPAA requirements for vendors to protect PHI. Some vendors will « include covenants in their agreements where the customer agrees that the customer will not upload any HIPAA protected health information into the service, » Mr. Gottlieb said. « What sometimes happens is the customer does upload PHI into the service even though there is not a business associate agreement in place. » Read the full article.