Cloudticity Blog

Cloudticity's Blog- Everything you ever wanted to know about how healthcare organizations design, build, migrate, and manage HIPAA-compliant solutions on AWS.

Cloudticity Oxygen Compliance - Oxygen Alerts

Now that you are acquainted with HITRUST and have chosen to continue your journey, I want to thank you again for being proactive! If this is your first compliance series post, please start below:

  • If you are new to HITRUST, start here.
    • To get a complete picture of the HITRUST Maturity Model and get some helpful tips from Cloudticity's experience, read this blog post.
  • If you need more information on Cloudticity Oxygen, start here.

For everyone else, each month we look into at least one Cloudticity Oxygen service or feature, focusing on how it helps achieve HITRUST controls. This month we are diving into Cloudticity Oxygen alerts. Stay tuned next month for more Cloudticity Oxygen services.

... Read more
| Author Thomas Zinn, tagged in Technical Articles, Healthcare Industry, About Cloudticity, Compliance, Security, Encryption, HITRUST, Cloudticity, Healthcare

Cloudticity Oxygen Compliance - HITRUST Maturity Model and Our Experience

I want to thank you for being proactive by beginning or continuing your HITRUST journey!

  • If you are new to HITRUST, start here.
  • If you are new to Cloudticity Oxygen, start here.

For everyone else, each month I will introduce you to at least one Cloudticity Oxygen service or feature, focusing on how it helps achieve HITRUST controls. This month we need to dive into HITRUST's expectations (5 Areas of the HITRUST Maturity Model) and focus on the big picture (Cloudticity's Experience: Setting the Stage). Next month we will dive into Cloudticity Oxygen alerts and our workflow.

... Read more
| Author Thomas Zinn, tagged in Healthcare Industry, About Cloudticity, Compliance, HITRUST, Cloudticity

HIPAA Compliance 164.312(e)(1) - Transmission Security

Within the HIPAA Security Rule are Administrative, Physical, and Technical Safeguards. These safeguards are as important to understand as they are to implement, so let’s dive into one:

164.312(e)(1) - Transmission Security . Implement technical security measures to guard against unauthorized access to electronic protected health information that is being transmitted over an electronic communications network.

... Read more
| Author Thomas Zinn, tagged in Compliance, Security, Encryption

The Need for HITRUST Certification

Today's risk management reality

Serving the healthcare industry can be a double-edged sword. On the one hand, healthcare vendors have the privilege to participate in something that actually makes the world a better place - helping people lead healthier lives, and helping them get better when they're sick. On the other hand, the healthcare industry rightfully comes with a significant responsibility toward privacy, security, and governance. Vendors are saddled with filling in yet another 250-line Excel security questionnaire every time they want to be considered for a new project, and often have to execute multiple assessments for various regulatory frameworks as HIPAA, SOC 2, the NIST Cybersecurity Framework, and MARS-E, to name just a few.

... Read more
| Author Gerry Miller, tagged in Healthcare Industry, Compliance

Best Practices Purchasing Reserved Instances

Reserved Instances (RIs) provide substantial savings compared to On-Demand pricing, and provide immediate savings opportunities for most companies. This blog post explores the fundamentals of RIs, and provides advice on how to get the most out of reservations. Managing RIs is complex considering the many types, levels of pricing, and rules around usage. Therefore, understanding the RI mix is essential to optimizing AWS usage costs. We asked Parquantix to help outline some important considerations when purchasing RIs. Parquantix manages more than $40 million in AWS reservations worldwide.

... Read more
| Author Nicole Chaika, tagged in Technical Articles