
HIPAA - Health Insurance Portability and Accountability Act of 1996
In February 2003 the Department of Health and Human Services released the final security standards of the Health Insurance Portability and Accountability Act (HIPAA).

Requirements
The standards require the IT areas of covered entities (CE’s) – including organizations that transmit health information in electronic form such as health plans, healthcare clearinghouses and healthcare providers – to make changes to their technology processes to secure customer information. The standards cover “administrative, physical and technical safeguards to protect the confidentiality, integrity and availability of electronic protected health information” and require CE’s to implement basic safeguards to keep “electronic protected health information from unauthorized access, alteration, deletion and transmission.”

Compliance is due by February 2005. The government will not conduct regular reviews, but will investigate based on complaints it receives; violations are punishable by fines as well as criminal prosecution. CE employees can be sued individually and as members of the organization.

365 Main Compliance
In addition to achieving and maintaining in-house compliance, a CE must also verify that its suppliers and other partners who share electronic protected health information have addressed the Administrative, Physical and Technical safeguards. The legislation requires the establishment and maintenance of contracts or other arrangements with every business associate in a chain of trust. These contracts must show how information will be protected as it is electronically transmitted, and business associates must notify CE’s of security breaches.

365 Sales Highlights
Customers that fall under HIPAA standards can come to 365 Main to store data and use 365 Main as a hub for their communications to outside offices and vendors. Physical security, access control and disaster recovery are the top three growing concerns related to HIPAA standards.

Administrative
• Work-force clearance procedures
• Termination procedures
• Access authorization
• Security Reminders
• Disaster Recovery Plans
• Emergency mode operation plan

Physical
• Seismic protection
• Backup systems and redundancy
• Contingency operations
• Facility security plan
• Access control and validation procedure
• Maintenance records
• Testing revision and procedures

365 Main Compliance
In addition to achieving and maintaining in-house compliance, corporations must verify that their suppliers and other partners comply with the level of control, reporting and testing. All partners must have auditable and documented standards, industry best practices and standardized processes. 365 Main has, through the completion of our SAS 70 audit, processes and procedures surrounding all activities. 365 Main’s large storage network and vaulting options can act as the repository of your data, creating that chain of trust and HIPAA compliance.

365 Main – The World’s Finest Data Centers