Cloudticity Blog

Cloudticity's Blog- Everything you ever wanted to know about how healthcare organizations design, build, migrate, and manage HIPAA-compliant solutions on AWS.

MagicBox: The End-To-End Solution For HITRUST Certification

HITRUST certification is many things. It’s a shortcut to securing your system against the danger of data breaches; a process for ensuring compliance with HIPAA and other regulations; and a competitive edge for your business in the increasingly crowded healthcare information security space. One thing it is definitely not, however, is an easy accomplishment.

... Read more
| Author Gerry Miller, tagged in Compliance, HITRUST certification, HITRUST CSF

How The Cloud Cuts HITRUST Cost, Complexity, And Timelines

More and more healthcare organizations are discovering that HITRUST certification is critical to their success. While it’s not mandated, many providers and payers require their vendors be HITRUST certified. Because of the rigor of the process, certification also offers a competitive advantage for organizations that attain it.

... Read more
| Author Gerry Miller, tagged in

Cloudticity Oxygen Compliance - A New HITRUST Audit Experience

Now that you are acquainted with HITRUST and have chosen to continue your journey, I want to thank you again for being proactive! If this is your first compliance series post, please start below:

  • If you are new to HITRUST, start here.
    • To get a complete picture of the HITRUST Maturity Model and get some helpful tips from Cloudticity's experience, read this blog post.
  • If you need more information on Cloudticity Oxygen, start here.
    • Interested in how Cloudticity Oxygen alerts map to HITRUST? Check out this blog post.

For everyone else, each month we (usually) look into at least one Cloudticity Oxygen service or feature, focusing on how it helps achieve HITRUST controls. This month is slightly different! Our last full HITRUST audit happened in 2017; we have now begun our updated full HITRUST audit based on a substantially updated set of controls, thus we want to share our new experience with you. Stay tuned next month for more Cloudticity Oxygen services or experiences.

... Read more
| Author Thomas Zinn, tagged in Technical Articles, Healthcare Industry, About Cloudticity, Compliance, Security, Encryption, HITRUST, Cloudticity, Healthcare, audit

Cloudticity Oxygen Compliance - Oxygen Alerts

Now that you are acquainted with HITRUST and have chosen to continue your journey, I want to thank you again for being proactive! If this is your first compliance series post, please start below:

  • If you are new to HITRUST, start here.
    • To get a complete picture of the HITRUST Maturity Model and get some helpful tips from Cloudticity's experience, read this blog post.
  • If you need more information on Cloudticity Oxygen, start here.

For everyone else, each month we look into at least one Cloudticity Oxygen service or feature, focusing on how it helps achieve HITRUST controls. This month we are diving into Cloudticity Oxygen alerts. Stay tuned next month for more Cloudticity Oxygen services.

... Read more
| Author Thomas Zinn, tagged in Technical Articles, Healthcare Industry, About Cloudticity, Compliance, Security, Encryption, HITRUST, Cloudticity, Healthcare

Cloudticity Oxygen Compliance - HITRUST Maturity Model and Our Experience

I want to thank you for being proactive by beginning or continuing your HITRUST journey!

  • If you are new to HITRUST, start here.
  • If you are new to Cloudticity Oxygen, start here.

For everyone else, each month I will introduce you to at least one Cloudticity Oxygen service or feature, focusing on how it helps achieve HITRUST controls. This month we need to dive into HITRUST's expectations (5 Areas of the HITRUST Maturity Model) and focus on the big picture (Cloudticity's Experience: Setting the Stage). Next month we will dive into Cloudticity Oxygen alerts and our workflow.

... Read more
| Author Thomas Zinn, tagged in Healthcare Industry, About Cloudticity, Compliance, HITRUST, Cloudticity

HIPAA Compliance 164.312(e)(1) - Transmission Security

Within the HIPAA Security Rule are Administrative, Physical, and Technical Safeguards. These safeguards are as important to understand as they are to implement, so let’s dive into one:

164.312(e)(1) - Transmission Security . Implement technical security measures to guard against unauthorized access to electronic protected health information that is being transmitted over an electronic communications network.

... Read more
| Author Thomas Zinn, tagged in Compliance, Security, Encryption

The Need for HITRUST Certification

Today's risk management reality

Serving the healthcare industry can be a double-edged sword. On the one hand, healthcare vendors have the privilege to participate in something that actually makes the world a better place - helping people lead healthier lives, and helping them get better when they're sick. On the other hand, the healthcare industry rightfully comes with a significant responsibility toward privacy, security, and governance. Vendors are saddled with filling in yet another 250-line Excel security questionnaire every time they want to be considered for a new project, and often have to execute multiple assessments for various regulatory frameworks as HIPAA, SOC 2, the NIST Cybersecurity Framework, and MARS-E, to name just a few.

... Read more
| Author Gerry Miller, tagged in Healthcare Industry, Compliance

Best Practices Purchasing Reserved Instances

Reserved Instances (RIs) provide substantial savings compared to On-Demand pricing, and provide immediate savings opportunities for most companies. This blog post explores the fundamentals of RIs, and provides advice on how to get the most out of reservations. Managing RIs is complex considering the many types, levels of pricing, and rules around usage. Therefore, understanding the RI mix is essential to optimizing AWS usage costs. We asked Parquantix to help outline some important considerations when purchasing RIs. Parquantix manages more than $40 million in AWS reservations worldwide.

... Read more
| Author Nicole Chaika, tagged in Technical Articles

Cloudticity Releases Free, Fully Automated HIPAA Technical Assessment

For A Limited Time, Healthcare Organizations Can Automatically Check Their AWS Environments’ HIPAA Compliance At No Charge

SEATTLE -- Cloudticity, a leading provider of HIPAA-compliant managed services for AWS, announced today that it has released an automated tool for healthcare organizations to execute a HIPAA technical assessment on their Amazon Web Services accounts for HIPAA compliance. In doing so, Cloudticity is continuing their mission to improve healthcare by providing a growing list of security, compliance, and management tools to the industry. Executing the automated compliance check takes five minutes, and is complete within five hours.

... Read more
| Author Gerry Miller, tagged in News

Cloudticity Achieves HITRUST CSF Certification

CLOUDTICITY ACHIEVES HITRUST CSF CERTIFICATION TO FURTHER MITIGATE RISK IN THIRD-PARTY PRIVACY, SECURITY, AND COMPLIANCE

HITRUST Certification validates Cloudticity is committed to meeting key healthcare regulations and protecting sensitive private healthcare information.

... Read more
| Author Gerry Miller, tagged in

HIPAA Security: Patching with AWS Step Functions

We're proud of our Cloudticity team members Uri Katsir and Thomas Zinn for their guest-post on the AWS Management Tools blog, "How Cloudticity Automates Security Patches for Linux and Windows using Amazon EC2 Systems Manager and AWS Step Functions."

... Read more
| Author Gerry Miller, tagged in

Verge Health Case Study

 

Our customer Verge Health empowers more than 900 healthcare organizations to proactively protect and defend patients, caregivers, and organizations against errors, adverse events, and policy violations in order to achieve optimal quality and safety results. Their Converge Platform is a comprehensive, enterprise software solution offering a secure workspace with built-in workflow for high-risk and high-liability data. With Converge, hospital systems have a cross-functional, proactive surveillance tool that is always on—highlighting issues and supporting a rapid response to any and all events.

... Read more
| Author Gerry Miller, tagged in

The Cloudticity Culture


What makes Cloudticity different from the slew of AWS partners out there? At the core, it's our culture. It what lets us win time and time again, over bigger, badder, bloated competitors.

Our team is productive, happy, healthy, and totally focused on keeping our customers secure, highly available, performance, and cost-optimized.

... Read more
| Author Gerry Miller, tagged in

MiHIN Case Study

Our customer, the  Michigan Health Information Network Shared Services (MiHIN), is Michigan’s state-designated entity to improve health care quality, efficiency, and patient safety by sharing electronic health information statewide, helping reduce costs for patients, providers, and payers. MiHIN is a nonprofit, public/private collaboration that includes stakeholders from the state of Michigan, health-information exchanges that serve Michigan, health systems and providers, health plans/payers, pharmacies, and the governor’s Health Information Technology Commission. 
... Read more
| Author Gerry Miller, tagged in

Scaling Healthcare Solutions with Automation

We're honored that AWS recently posted an article on the Amazon Partner Network blog about Cloudticity's advanced automation for Cloudticity Oxygen™. Cloudticity Oxygen is a purpose-built managed services platform specifically designed to help healthcare organizations stay HIPAA compliant on AWS with 24x7x365 support, incident management, continuous compliance monitoring, automated remediation of problems, and a bulletproof security operations center.

... Read more
| Author Gerry Miller, tagged in

IS HIPAA Compliance Possible on AWS? The Answer is YES...

It was an honor to be asked to present the first session on HIPAA compliance ever at AWS re:Invent. Check out the video of my  joint presentation with Mark Wellscott, Director of Application Development at Spectrum Health, where we talked about bringing their patient portal live on AWS. We solved some tough issues, including security, EHR integration, and DevOps concerns around automated deployments.

... Read more
| Author Gerry Miller, tagged in

Subscribe Today

Healthcare technology is moving fast.
Don’t miss a thing.

New call-to-action