Cloudticity's passion toward meeting security and compliance standards has led us down many paths over the past few years due to the ever-changing landscape of Healthcare and AWS. Let's reflect:
164.312(e)(1) - Transmission Security . Implement technical security measures to guard against unauthorized access to electronic protected health information that is being transmitted over an electronic communications network.
Today's risk management reality
Serving the healthcare industry can be a double-edged sword. On the one hand, healthcare vendors have the privilege to participate in something that actually makes the world a better place - helping people lead healthier lives, and helping them get better when they're sick. On the other hand, the healthcare industry rightfully comes with a significant responsibility toward privacy, security, and governance. Vendors are saddled with filling in yet another 250-line Excel security questionnaire every time they want to be considered for a new project, and often have to execute multiple assessments for various regulatory frameworks as HIPAA, SOC 2, the NIST Cybersecurity Framework, and MARS-E, to name just a few.