Filtered by Topic: 'Compliance'

We all know that America is in the midst of a public health crisis and that we will face a shortage of up to 95,000 physicians by 2025. The good news is that there are many technologists out there who see the problem and are actively creating solutions to fix it.

Caredove, for example, is an e-referral platform that is connecting infants with screening programs in order to identify and stop the development of life-altering diseases. Boston Children’s Hospital, too, created an Alexa-based ICU tool that helps streamline clinical operations, freeing up hospital bandwidth. Similarly, Cloudticity offers data interoperability solutions that collect, manage, and analyze data, allowing healthcare, life science, and genomic companies to spend less time trying to make sense of their data and more time actively helping the world.

Everything you do in your AWS environment creates a log, and every log plays an important role in keeping your customers’ data safe. If you’ve been keeping up with our blog, you know that having the ability to store, analyze, and retrieve these records is crucial for security and compliance purposes.

HITRUST certification is many things. It’s a shortcut to securing your system against the danger of data breaches; a process for ensuring compliance with HIPAA and other regulations; and a competitive edge for your business in the increasingly crowded healthcare information security space. One thing it is definitely not, however, is an easy accomplishment.

Logs are crucial component of virtually any network. From recording data retrievals and monitoring traffic to keeping track of updates and flagging errors, every action that takes place in your AWS environment creates a log.

Now that you are acquainted with HITRUST and have chosen to continue your journey, I want to thank you again for being proactive! If this is your first compliance series post, please start below:

• If you are new to HITRUST, start here.
  • To get a complete picture of the HITRUST Maturity Model and get some helpful tips from Cloudticity's experience, read this blog post.
• If you need more information on Cloudticity Oxygen, start here.
  • Interested in how Cloudticity Oxygen alerts map to HITRUST? Check out this blog post.

For everyone else, each month we (usually) look into at least one Cloudticity Oxygen service or feature, focusing on how it helps achieve HITRUST controls. This month is slightly different! Our last full HITRUST audit happened in 2017; we have now begun our updated full HITRUST audit based on a substantially updated set of controls, thus we want to share our new experience with you. Stay tuned next month for more Cloudticity Oxygen services or experiences.

Now that you are acquainted with HITRUST and have chosen to continue your journey, I want to thank you again for being proactive! If this is your first compliance series post, please start below:

• If you are new to HITRUST, start here.
  • To get a complete picture of the HITRUST Maturity Model and get some helpful tips from Cloudticity's experience, read this blog post.
• If you need more information on Cloudticity Oxygen, start here.

For everyone else, each month we look into at least one Cloudticity Oxygen service or feature, focusing on how it helps achieve HITRUST controls. This month we are diving into Cloudticity Oxygen alerts. Stay tuned next month for more Cloudticity Oxygen services.

I want to thank you for being proactive by beginning or continuing your HITRUST journey!

• If you are new to HITRUST, start here.
• If you are new to Cloudticity Oxygen, start here.

For everyone else, each month I will introduce you to at least one Cloudticity Oxygen service or feature, focusing on how it helps achieve HITRUST controls. This month we need to dive into HITRUST's expectations (5 Areas of the HITRUST Maturity Model) and focus on the big picture (Cloudticity's Experience: Setting the Stage). Next month we will dive into Cloudticity Oxygen alerts and our workflow.

Cloudticity's passion toward meeting security and compliance standards has led us down many paths over the past few years due to the ever-changing landscape of Healthcare and AWS. Let's reflect:

Within the HIPAA Security Rule are Administrative, Physical, and Technical Safeguards. These safeguards are as important to understand as they are to implement, so let’s dive into one:

164.312(e)(1) - Transmission Security . Implement technical security measures to guard against unauthorized access to electronic protected health information that is being transmitted over an electronic communications network.

Today's risk management reality

Serving the healthcare industry can be a double-edged sword. On the one hand, healthcare vendors have the privilege to participate in something that actually makes the world a better place - helping people lead healthier lives, and helping them get better when they're sick. On the other hand, the healthcare industry rightfully comes with a significant responsibility toward privacy, security, and governance. Vendors are saddled with filling in yet another 250-line Excel security questionnaire every time they want to be considered for a new project, and often have to execute multiple assessments for various regulatory frameworks as HIPAA, SOC 2, the NIST Cybersecurity Framework, and MARS-E, to name just a few.