Posts

Wireless tower in a city.

The Benefits of Going Wireless

There’s no doubt about it, wireless technology is mainstream. The number of people making the switch to wireless is increasing every day. By 2020, it’s there will be over 50 billion Wi-Fi connected devices worldwide. That’s a lot of radio waves!

There are many reasons why people are converting to wireless. This blog post is going to explore some of the best ones.

Less Hassle

Let’s be real. Wires are cumbersome, to say the least. They are messy, you trip on them, breakable, never long enough, and tangle easily. They’re essentially the worst thing about technology.

Going wireless means that you can greatly cut down on the use of wires in your business. Everything from mice, keyboards, printers, speakers, headphones, and phones are now wireless. Not only that, but they’re easy to use and many are hold a charge for a long time.

Mobility

Ever wanted to move to a quieter area of the office while continuing a call with a client but you couldn’t because you were wired-in? How about wanting to take your laptop outside and enjoy the sun while typing up a report only to be stopped by lack of a wireless connection?

Fact is, wires limit how you use your devices. Going wireless allows you to roam without losing your connection while working from a variety of locations.

Another way to increase mobility in your office (and beyond) is to ditch the on-premise server and switch to the cloud. According to North Bridge, “90% of organizations use the cloud in some way, with 50% using cloud service as their preferred solution.” Adopting a cloud solution is cost-effective and increases collaboration among employees. Now, combining wireless connectivity with the power of applications and data delivered via the cloud takes mobility to the next level, and that’s a win-win-win.

Flexibility

Going wireless makes it so much easier to reconfigure the office or set-up work areas when new employees join the team. It’s a hassle to move wired devices around and the possibility of mixing up wires or breaking them is always there.   

Being a wireless office means that you’re, quite literally, no longer tied down. Thus, you can use the valuable time you’d spend untangling, unplugging and plugging back in on more important projects.

Guest Access

Going wireless allows you to give secure guest network access to customers and business partners visiting your workplace. Gone are the days where the only place you could get an available wireless connection was a coffee shop. Customers these days expect many businesses to offer a free, stable wireless connection for the purposes of convenience and productivity.

Bonus. If you do offer wireless, customers consider this a value-add and another reason to do business with you over your competitors.   

Next Steps

No matter what industry you’re in, you can enjoy the benefits of going wireless. In a world with so many wireless devices and solutions, it just makes sense.

If you’re interested in learning more about how your company can take advantage of wireless technology, reach out to us. We’d love to talk to you about how we can improve your organization’s productivity by helping you go wireless!

 

Top 4 Ways Cloud Computing Will Make Your Life Easier

Your life if full of decisions. If you own a business, there’s no doubt you have to make several important choices on a daily basis that contribute to the success of your business. With the help of cloud computing, you can rest assured knowing you’re making the right decision for the growth and future of your company. Here’s why:

Financial Savings

You don’t want to spend more money than you need to. Imagine if you could reduce your spending by limiting your need for hardware, IT system maintenance, downtime, and even the amount of electricity you use. Over a period of time, cloud computing can provide you with some AMAZING cost-cutting benefits!

Flexibility

Flexibility is extremely important for a business. To be truly effective, you need to be able to adapt to most situations in a timely manner in order to be successful.

With cloud computing, you have a TON of flexibility. You can access your information from anywhere, at any time, and you can move your information from one server to another – so you’re no longer restricted by the limits of your hardware!

Disaster recovery

Preparation is often the key to success.

With the aid of cloud-based services, you’re not only preparing your company for any future problems, but you’re preparing to succeed. Cloud computing providers will help solve most issues you encounter, and they’ll help you do it quickly and efficiently.

With the cloud, you no longer have to worry about losing your valuable information to power failure, natural disasters, or any other crisis. Once your data is stored in the cloud, you’ll have peace of mind knowing it’s backed up and protected in a secure location.

By utilizing the cloud, you’re making complex and time-consuming disaster recovery plans a thing of the past.

Communication and Collaboration

A lot of important things happen at the work place, and communication and collaboration are often overlooked as necessary tools for company growth.

One amazing benefit of cloud computing is the ability to improve communication and collaboration within an organization. By converting to cloud based services, you and your employees have all the necessary resources they need to work efficiently from almost anywhere. Regardless of where they are located or which devices they’re using, the cloud will allow immediate distribution of relevant information to everyone within your company, ensuring constant productivity.

Overall, cloud services can be a huge asset to your company. Contact Cognoscape today, and let’s work together to build the perfect infrastructure for your business!

Why it’s Time to Move on if Your Hosting Cloud Provider Won’t Sign a HIPAA BAA

68Despite new HIPAA Business Associate Agreement (BAA) regulations going into effect in 2013, many healthcare organizations are still encountering the occasional cloud service provider who refuses to sign a BAA. Although they may have a logical explanation, any refusal to sign a BAA should be seen as a red flag.

Here’s the logic from their angle. There are still many cloud vendors who view themselves more as conduits of Personal Health Information (PHI). They feel their role is more akin to that of a mailman. They’re merely transporting data to others and have no real access to the actual contents.

If the data is encrypted and cannot be read, or If they don’t touch the actual PHI data at all, the cloud service vendor will argue that HIPAA regulations do not apply to them and possibly refuse to sign a BAA.

Fair enough, right? If the data is encrypted and the vendor doesn’t hold the encryption key, what’s the problem? Well, here’s the problem.

File this in the unlikely yet not improbable category. Let’s say that the PHI data wasn’t properly encrypted before it was sent into the cloud or unencrypted data was mistakenly transferred over to the cloud service provider. If the cloud provider has refused to sign a BAA, this jeopardizes your HIPAA compliance and could potentially result in a fine anywhere from $50,000 to $1.5 million.

This is why those in the healthcare sector must move on from any cloud provider that is reluctant to sign a BAA. They are basically refusing to be complaint since the new HIPAA Omnibus Rule clearly defines a business associate as anyone who creates, receives, maintains, or transmits PHI on behalf of a covered entity. By refusing to share accountability for HIPAA compliance, they’re a liability to your organization that you just can’t afford.

CLICK HERE for a free network assessment.

 

2 Steps to Ensure Healthcare Data Availability in the Cloud

66In 2013, major companies like Google, Amazon, and Microsoft experienced outages. Not only were these big name outages disruptive to users, but they also made headlines and proved to be costly to each brand. Google’s hiccup footed an estimated bill of $500,000 while Amazon’s 30-40 minute blackout contributed to roughly $3 million in losses.

2013 was also the year the healthcare industry embraced cloud computing thanks to modifications to the HIPAA Privacy, Security, Enforcement and Breach Rules. With these modifications extending the definition of a Business Associated (BA) to cloud service providers, many of the data breach concerns that had previously kept the healthcare sector from taking to the cloud have been quieted.

But as more patient health data is electronic and residing in a virtual environment, the availability of this data is just as important, if not more important, than securing it. Unlike Google, Amazon, and Microsoft, the disastrous effects of data outages in the healthcare sector can have potentially deadly consequences.

Not only is high uptime mandatory in a healthcare cloud, business continuity and disaster recovery (BCDR) plans are also crucial. The good news is the cloud’s virtualized infrastructure, coupled with the expertise and cloud monitoring of a trusted Managed Service Provider (MSP) can help healthcare organizations maintain uptime and reliability. Here are two helpful steps:

  1. Risk Assessments Are Absolutely Necessary

While risk assessments are critical to protecting patient health information, a 2012 audit conducted by the Office of Civil Rights revealed that many healthcare entities and contracted service providers fail to perform them. These evaluations must be conducted regularly and require an honest assessment of probable risks ranging from malicious cybercrime attacks to acts of nature such as natural disasters, flood, earthquakes and power outages. Analyze both the architectural vulnerabilities relative to data availability and security as well as the effectiveness of the counteractive measures in place. The goal is to minimize the plausible impact of such an event and prevent service disruption.

 

  1. Proactively Monitor for Cybercrime

It is often months before a security breach is detected. By this time, hackers have had ample time to infiltrate your system and feast on its data. Since cybercriminals use an unpredictable array of methods to strike, such as viruses, malware and phishing schemes to steal credentials, the strength of your detection system is key. Alerts should be set up to identify anomalies such as unusual application requests, forced entry attempts, suspicious spikes in traffic, and abnormal data patterns that suggest a breach. The proactive monitoring tools available through a MSP can help scan, pinpoint, and remediate such attacks.

Any BCDR plan must be built upon your organization’s recovery time objective (RTO) and recovery point objective (RPO). Your RTO is the duration of time in which your service level must be restored to avoid dire consequences. Your RPO is the maximum age of the recoverable files in storage to resume normal operations. A MSP can help determine the optimal scenario for your healthcare organization and prioritize the most critical health care information with near real-time replication.

Through this preparation and foresight, your organization can lay the groundwork to not only protect healthcare information in the cloud but potentially save patients’ lives in the event of an unforeseen outage.

CLICK HERE for a  free network assessment.

Healthcare and Cloud Computing Together at Last

65 For years, the healthcare industry was thought to be the very last sector to embrace cloud computing. With HIPAA compliance, storing private patient data in the cloud seemed much too risky from a security and legal standpoint. However, with a government issued mandate to migrate patient data to electronic heath records by 2015, the cost-effectiveness of the cloud was simply too logical to not entice independent practitioners and small healthcare entities now burdened by the need to invest technology and tech-savvy personnel. If only there was a way around the security and privacy concerns.

Wish granted. In January of 2013, the U.S. Department of Health and Human Services introduced a few revisions to the regulations administered under the Health Insurance Portability and Accountability Act of 1996. Labeled the “Final Omnibus Rule,” this update spelled out the legal framework to be used by healthcare organizations working with cloud service providers.

With a signed Business Associate (BA) agreement, a cloud service provider accepts the responsibility to protect patient data under HIPAA law. This expanded definition of BA means that the government can now penalize cloud service providers accountable for data breaches.

Although many healthcare organizations had already entrusted certain cloud service providers with their data, only the HIPAA covered entity (the healthcare organization) was penalized in the event of a breach prior to this ruling. While the HIPAA covered entity is still responsible for oversight, this shared accountability with the cloud service provider has expanded responsibility and has led to an influx of healthcare organizations and cloud service providers working together, worry-free, in perfect harmony.

CLICK HERE for a free network assessment.

5 Reasons Why You Should Get On The Cloud

45A recent article by The Guardian (UK) states that the cloud industry is set to see a growth of around 30% soon. But many small and medium business owners are still struggling to make sense of the cloud and how it can benefit them. If you are one of them, then here’s what’s in store for you when you migrate to the cloud:

1. Connectivity – Being on the cloud gives you unparalleled connectivity to your data—from anywhere and at any time. All you need is a device that can connect you to the web and you are set!

2. Save On Hardware Costs – Using the cloud for certain programs spares you the cost of investing in specific hardware. Even devices as simple as your smartphone or a tablet can help you access those applications so you don’t have to spend money on dedicated hardware. Studies have shown that cloud users end up enjoying as much as a 17% IT cost reduction compared to their non-cloud counterparts.

3. Cloud Enables SAAS – The cloud allows you to use software as a service. Microsoft 365 is one such example. When you use software as a service, you enjoy certain benefits such as more regular updates at a lower cost and the ability to have anyone work on the program for you by sharing the access credentials with them.

4. More Efficient Use of IT Staff – Moving to a cloud-based environment puts the burden of maintenance and downtime reduction on your service provider. That means you can use your limited IT staff more efficiently and also don’t have to worry about the costs associated with such maintenance or downtime.

5. Improved Productivity – Studies have shown that cloud users enjoy better productivity than their non-cloud counterparts. This could be because cloud service providers are better equipped to handle any IT eventualities than the average SMBs.

So, perhaps it’s time to ‘get cloudy’ and enjoy all that the cloud has to offer your SMB. And…if you need help in doing that, CLICK HERE.

Four Tips for Your Hybrid Cloud Strategy

42It should come as no surprise that many small to midsize business owners take pride in overseeing every aspect of their startup business. Naturally, many are apprehensive when it comes to surrendering control of their servers, their data, and their applications. The downside of this need for control is that operating and maintaining everything onsite can be time consuming, super expensive, and it can make your business more vulnerable to failure related downtime and cyber threats. Although everything can be stored in the cloud at a fraction of the cost, many aren’t responsive to the idea of sharing the infrastructure their technology runs on. The great thing about the cloud is it’s not an all or nothing thing. This is exactly why so many small to midsize businesses have turned to hybrid cloud solutions. Just as they name implies, hybrid cloud solutions are both on and off premises. It’s the best of both worlds. An entrepreneur can still control certain aspects of the business on-site, but simultaneously exploit the cloud’s cost effectiveness and overall scalability. For example, a local server like Windows Server 2012 can be housed and managed on-site but that server, or just specific files, can still be backed up in the cloud with Microsoft Windows Azure and stored far away off-site. This provides a partial disaster recovery solution in the event of a hurricane, flood, fire, or just a basic server crash.

Here are four tips for developing your hybrid cloud strategy:

  1. Honestly assess the current IT strategy – Over time, as your business grows and technology advances, your well-planned and neatly arranged IT infrastructure transforms into a disorganized mishmash of different servers and disconnected software and tools. View this almost as the spring-cleaning of a cluttered garage. What systems or applications are critical to your business right now and which ones no longer support your current or future business initiatives?
  1. Know what you want to keep close – Every business will be different in this regard. Certain companies will prefer keeping large files in-house, in a more controlled private cloud, for easy access but may be okay with having their emails out there in the cloud or vice versa.
  1. See how others are leveraging a hybrid cloud environment – New services once only available to large enterprises are now available to SMBs. This presents an extraordinary opportunity to be more agile, flexible, and better suited for new business opportunities and growth. Remote monitoring, 24/7 support, and disaster recovery solutions can be easily integrated within a hybrid-computing environment – regardless of operating systems, server types, or mobile devices used.
  1. Staged implementation – Be sure to plan your hybrid cloud strategy as a multi-year plan that is deployed in phases. For example, in the beginning, private controlled access to a public cloud service can be granted to internal application developers experimenting with a new business initiative. Or a new customer relations management SaaS (Software as a Service) application can be implemented.

This is the year that even small or midsize enterprises are getting serious about cloud operations and a strategic mix of public cloud services and private cloud may make the transition easier.

CLICK HERE for a free network assessment

Demystifying the Cloud in Layman’s Terms

24 For several years, cloud technology has been one of the most talked about subjects in business technology circles. By now, most small-to-medium sized business (SMB) owners have heard that cloud computing is transforming the way their peers do business, and they’ve been inundated with talk of how the cloud enables small businesses to cut IT costs and operate more efficiently.

But for many small businesses, the cloud is a pretty (ahem) nebulous idea, and they have a pretty wispy notion of its potential business value.

For example. 54% of SMBs told Wakefield Research – a market research firm – that they’ve never used cloud technology. Of that figure, it was found that roughly 95% of them were already in the cloud

We are going to explain cloud computing in layman’s terms. For decision makers who aren’t necessarily technology gurus, any mention of the cloud can sometimes set off a “Stranger Danger” alarm. SMBs often resist change because they fear the risks and costs of investing in new technology and they lack knowledge and support.

We’ve reached a point now where it’s obvious the cloud is here to stay and its economic benefits simply make too much sense to ignore. Since most start-ups and small businesses run with exceptionally strict budgets, bearing the financial brunt of owning, maintaining, and securing their technology may be impossible. Understanding the cloud – what it is, its benefits, its risks, and how to manage those risks – is critical.

A SIMPLE VIEW OF THE CLOUD

Let’s try describing the cloud for once without any tech lingo. Picture for a moment a really cramped office space. You and a few coworkers sit in tight quarters with disheveled desktops buried in mounds of files and paperwork. There is absolutely no room for storage. And it will be years before you’ll be able to afford a larger office space.

Your building manager offers to rent you an empty file cabinet in the basement. Although this basement space is shared with other tenants, only you and your team will have a key to this locked file cabinet to store and retrieve documents and files as you wish. Your rent is relatively cheap compared to other tenants since you’re only paying for the file cabinet and not the larger storage areas they’re renting.

Suddenly, those once cluttered desktops are cleared, leaving some actual physical space to work. Work can be done much more efficiently without the complications that once hindered it. This is close to what the cloud does for the backend of small business IT infrastructure.

THE CLOUD IS A TECHNOLOGY EQUALIZER

Historically, the technology used by larger companies has never been available to smaller businesses. Most SMBs have neither the hardware budget nor internal support to “own” a massive internal network infrastructure. Previously, only large organizations have had the money to invest in IT infrastructure. But the cloud truly democratizes computing and levels the playing field. In many ways, it’s the great equalizer, giving companies of any size the ability to store information at a remote datacenter rather than on-premises. It gives small businesses the ability to do large-scale business at a lower cost.

In 2010, Cloud Hype Market surveyed SMBs who had already made the switch to the cloud. Here’s some data from their findings:29

THE CLOUD ISN’T NEW, YOU’VE BEEN USING IT FOR YEARS

The cloud is more or less a buzzword for the Internet… or at least the next evolution of the Internet. Many SMBs don’t even realize that they’re already in the cloud and have been for more than a decade. Anyone that has ever used a hosted email provider such as Gmail has already had sensitive data stored, accessed and exchanged in the cloud. Cloud-based email hosting was one of the first and most broadly adopted cloud services used for both personal and professional use.

If you’re using social media sites like Facebook, Twitter, LinkedIn, or photo sharing sites like Instagram, you’re already part of the public cloud. Do you shop at Amazon or order movies through Netflix? You’re again in the cloud.

IT’S A MULTILAYERED CLOUD

The cloud has three deployment models:Chart2

Since SMBs don’t typically have the resources to build private clouds, most rely on public clouds. Public cloud deployments are completely virtual, which means less hands-on management is required since the infrastructure (hardware such as servers, storage devices, networking equipment, and firewalls) is all off-premises. In an economy where SMBs find themselves having to stretch their technology investment as far as it can go, the benefit of not having to pay for hardware, employees to maintain and manage that hardware, software licensing, deployment, and updating is critical.

One analogy commonly used is the public utility. Obviously nobody would expect you to power your home or business with your very own electrical plant. The costs to do so would be exorbitant and the maintenance would be impossible. Consequently, you and others within the same electric grid share in the overall cost of the infrastructure to generate and transmit electric power into your home. Being part of the grid enables us all to have access to affordable power based on our usage – just as the cloud makes business solutions that were once only affordable to large enterprises reasonable for SMBs by spreading costs across a network of users and charging only for actual usage.

Companies typically focus on offering one of three categorized cloud-computing services that are referred to as layers in the cloud. These are:Chart4

Basically, the cloud hosts an application for any type of work process needed by a SMB.

 34

WHY USE THE CLOUD?

  • Reduction of Costs: Significant savings can be achieved since the cloud’s mass scale computing minimizes on-site physical storage hardware and internal IT staffing.
  • Anytime, Anywhere Access: Since data access is no longer restricted to a solitary employee or physical device, users can access, share and collaborate in the cloud whenever and from wherever they please. Examples of cloud-based applications include Google Drive (Docs), Trello, Booker and PipeDrive.
  • Better Collaboration: The cloud is available on-demand to computers and other devices from any location at any point of time. This allows for better collaborative efforts among teams given today’s increasingly dispersed mobile workforce. To38day’s SMB can share data and collaborate across their organization in a way that was once only possible with a highly competent System Administrator and Microsoft Sharepoint.
  • Greater Scalability: Cloud-based services offer SMBs greater flexibility to scale IT needs up or down as the varying business environment demands.
  • Faster Deployment: Cloud-based services can be deployed within just an hour or a few days rather than the weeks or months it often takes to strategically plan, buy, build and implement an internal IT infrastructure.
  • Environmental Friendliness: The cloud’s energy efficiency is attractive to any company conscientious about the environment and wanting to be “green.” The Berkeley Lab conducted a six-month study that determined that shifting 86 million U.S. office workers to the cloud reduced energy usage by 87 percent. That’s enough left over electricity to power the city of Los Angeles for one year.
  • Improved Security: Although many SMBs cite security concerns as the reason they’re reluctant to move to the35 cloud, there are actually very few data breaches involving cloud providers. Of the reported 404 data breaches in the U.S. in 2013, roughly 270 of them were due to lost, stolen, or discarded devices and paper records, rogue employees, payment fraud, and unintentional employee error. Data in the cloud may actually be more secure than data stored on computers, laptops, and company servers with an array of security vulnerabilities. Unlike a laptop, the cloud can’t be left behind in a hotel lobby. Most SMBs cannot secure their datacenter with the advanced tools, encryption methods, frequent testing, and third–party certifications used by cloud service providers.
  • Business Continuity: Data storage and backup is one of the most frequently used cloud-based services amongst SMBs. Many cloud service providers offer SMBs unlimited storage capability, automated data sync and backup processes that reduce or eliminate downtime events.

 

THE NEED FOR CLOUD MONITORING36

SMBs who are still uneasy about a move to the cloud may want to consider cloud monitoring through a local managed services provider (MSP). Cloud monitoring helps SMBs deploy to the cloud with confidence. The idea of relinquishing control to a third-party service provider tends to make many SMBs understandably tense. Cloud monitoring offers the worried SMB owner or Chief Information Officer (CIO) around-the- clock end-to-end visibility into the performance of their cloud services and IT infrastructure. Cloud monitoring supports a hybrid deployment architecture by unifying servers deployed in multiple environments – whether it’s on premise, in a data center, or in a public cloud such as Rackspace or Amazon – into one single dashboard to simplify 24/7 performance monitoring. This allows SMBs to oversee the performance of any servers and applications deployed to the cloud to maintain optimal uptime and ensure a positive end-user experience.

Cloud monitoring services offer SMBs proactive monitoring, automated alerts, alert escalation, and full problem resolution support by way of a fully dedicated 24/7 network operations center (NOC). Cloud security is a37lso carefully monitored with frequent audits to proactively identify and address possible breach vulnerabilities.

Concerns about security are valid but small businesses today may actually be exposing themselves to more breach vulnerabilities by not being in the cloud. The notion that data must be on-site to truly be secure is as misguided as the belief that money is safer tucked beneath a mattress than in a bank. Top cloud-service providers are capable of investing far more into their security than any SMB running their own technology.

Cloud monitoring services adequately address any perceived loss of visibility SMBs commonly fear by taking to the cloud. It also simplifies the adoption of cloud solutions for SMBs, setting them on a path to progressively forge ahead with business goals and objectives and leverage new technology with confidence.

CLICK HERE for a free network assessment.

Five Major Benefits of the Cloud for the Healthcare Sector

28How Cloud Computing Enables Industry Advancements

When it comes to staying on top of industry trends, those in the healthcare sector utilizing cloud computing will undoubtedly have an advantage over those slow to adapt to change. The Internet is more widely used now by both patients and those providing health services.

Today’s patient desires anytime/anywhere access to health-related information and physicians may need access to digitized health data such as MRI scans, ultrasound images, or mammograms. Patient information must also be accessed for clinical decision-making such as potential prescription drug interactions or the American Recovery and Reinvestment Act of 2009 (ARRA) funded community health information exchanges (HIEs) that enable health providers and insurers to share a patient’s medical records with his or her permission. The cloud supports all of these.

In many ways, cloud computing levels the playing field as its affordable benefits are available to anyone from a small physician’s office or non-profit to large organizations or insurers. This fosters an all-inclusive collaboration that isn’t restricted to only large institutional players.

Major Benefits of the Cloud for the Healthcare Sector

  1. Security – Ironically, the biggest concern most healthcare entities have about taking to the cloud is one of its biggest strengths. Recent updates have made CSPs as responsible and liable for HIPAA compliance as the healthcare institutions that hire them. CSPs must ensure that data is encrypted, backed up, easily recoverable, and secured with permission-based access.
  2. Costs – Reduced costs are an incentive for healthcare entities to take to the cloud. Costs are dramatically cut since the cloud moves everything into a virtual environment, eliminating the need for costly hardware, software, maintenance, data center space, and IT labor. Pay-as- you-use fees requiring little-to-no capital investment replace these often overwhelming up-front capital expenses.
  3. Scalability – With the 2015 HER conversion deadline nearing, and the fact that health service providers are generally required to maintain patient medical records for at least six years, it’s easy to anticipate that managing such a high volume of patient data will inevitably stress any on-site IT infrastructure. But the cloud presents a scalable alternative where additional server or storage capacity is available as needed.
  4. Mobility – The cloud improves a physician’s ability to remotely access readily available patient information. This enables even the busiest physician to review a patient’s medical records or test results even after they leave the office.
  5. Sharing – Cloud computing keeps physicians better connected to not just their patients but their colleagues as well. Patients will notice benefits to medical professionals being able to share patient information online – for example, referrals to specialists will be more timely, there will be less paperwork to fill out with each office visit, and no unnecessary repeat diagnostic tests.

Are You Ready for This Transition?

The transition to cloud computing is underway in the industry. For healthcare service providers, it is no longer a question of if they will transition to the cloud, but when they can start benefiting from its potential savings and all of its capabilities.

Healthcare is a heavily regulated industry and cloud computing will continue to evolve to meet the industry’s growing security requirements and regulatory mandates. Many legitimate CSPs familiar with the healthcare sector already have strict security protocols in place to comply with regulations and will not hesitate to sign a BAA when asked. It is best to choose a CSP cautiously. Avoid any CSP who refuses to sign a BAA and carefully evaluate even those who do to get a feel for their stability, level of service, and delivery on promises.

Taking care of people – not your IT infrastructure – is your core service. Why not put the money being spent right now on hardware, software and equipment back into patient care while actually strengthening patient data integrity and security? Contact us today if you’d like to learn more about HIPAA compliant cloud-based technology.

CLICK HERE for a free network assessment.

HIPAA and the Cloud – Moving Toward 2015

29In the healthcare sector, the storing and sharing of sensitive digitized patient data has become a significant undertaking and is a heavy burden on resources. Preparation for a complete conversion from paper medical records to electronic health records (EHR) by 2015 has independent practitioners and small healthcare entities making significant investments in equipment, hardware and software, and tech-savvy personnel. Rather than focusing on the delivery of core patient care services, they must now worry about IT infrastructure issues, underlying network constraints and data center accessibility as well. This is problematic as very few medical offices or small health service organizations can afford to employ dedicated IT staff.

In this context, it is obvious that cloud-based solutions, which consolidate and outsource computing resources to external entities, would provide substantial relief to healthcare service providers. Data stored in the cloud is available on-demand and requires no expensive equipment, physical home or hired staff to manage and maintain it.

But while other business sectors have fully embraced the cloud for cheaper, more flexible, scalable and secure computing, many in the healthcare sector have yet to entertain putting patient data into the cloud. HIPAA-driven security and privacy concerns have been a serious deterrent.

This is about to change. Recent modifications to the HIPAA Privacy, Security, Enforcement and Breach Rules have made it clearer that data center operators are to be classified as business associates under HIPAA. This means cloud-service providers are required by law to report and respond to data breaches and uphold their obligation to properly protect and secure patient info.

These modifications are a game changer because they now assure covered entities such as doctor offices, hospitals, and health insurers that they can remain HIPAA compliant while adopting cloud technology.

Cloud Computing in Healthcare Sector Projected to Grow

According to recent report by the research firm Markets and Markets, although the healthcare sector has been notoriously slow when it comes to adopting new technology trends, the cloud computing market in this sector is projected to grow to $5.4 billion by 2017.

Breaking Down HIPAA and the Cloud

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) was upgraded in 2009 with the Health Information Technology for Economic and Clinical Health (HITECH) ruling addressing the growing use of digitized medical records. HITECH was introduced to provide federal funding to deploy HER and establish a protocol for protecting the electronic storage and transmission of Protected Health Information (PHI). [PHI is defined as any information obtained, used or disclosed in the course of providing a healthcare service–treatment, payment, operations or medical records–that can be used to identify an individual.]

Compliance with HIPAA requires the reporting of any potential unauthorized PHI access. Because any impermissible access, use, or disclosure of PHI can severely damage an organization’s reputation, as well as levy penalties varying from $100 to $50,000 for first time offenders, it is understandable that many in the healthcare industry have chosen to avoid migrating patient data to the cloud unless they’re absolutely certain that a cloud-service provider (CSP) is HIPAA compliant.

Cloud-Service Providers as HIPAA Business Associates

Over the past five years, there has been much confusion whether cloud-service providers were classified as business associates (BAs) under HIPAA. The Department of Health and Human Services holds BAs accountable for certain required privacy and security obligations to protect PHI data, upholding them to a signed Business Associate Agreement (BAA). If confidential health data is compromised, the Associate is liable for responsibilities on their end.

The HIPAA privacy rule defines a BA as “a person or entity that performs certain functions or activities that involve the use or disclosure of protected health information on behalf of, or provides services to, a covered entity.”

Since most CSPs “maintain” PHI on behalf of either the covered entity or another BA that subcontracts them, one would assume they’d be deemed a BA themselves. But that hasn’t always been the case due to some ambiguous language that originally accompanied the regulation, language that was only just recently modified to expand the scope of BAs as defined by HIPAA.Capture4

As you can see, this language easily leaves “access on a routine basis” up to interpretation. For instance, although it states that HIPAA requires those accessing PHI data on a routine basis be treated as BAs, some CSPs felt they were mere “conduits” of protected data – not very different than courier services or postal services, having only random or infrequent access to public health information as they transport/share it with others. These CSPs would often argue that a signed BAA wasn’t necessary, thus avoiding the added due diligence or security control requirements and liability.

Take a high-volume Platform-as-a-Service (PaaS) for example. Here the CSPs primary role is to provide storage services that enable the covered healthcare entity’s staff, such as a doctor’s office, to routinely look at data stored remotely. While the CSP providing the PaaS bears responsibility for maintenance and upgrades to the hardware, software and the operating system, they don’t touch the actual PHI data all that much. Therefore, a CSP offering PaaS doesn’t necessarily have the same level of PHI access as a cloud provider using Software-as-a-Service (SaaS) who must grant their personnel daily access to PHI.

A similar argument could be made for a CSP who maintains encrypted PHI for a covered healthcare entity but doesn’t hold the encryption key.

This uncertainty was the reason for much of the healthcare sector’s reluctance to take to the cloud. If a cloud-service provider (CSP) didn’t feel the need to sign a BAA, and the patient info they managed was breached, the covered healthcare entity, not the CSP, would be fined.Capture5

The new HIPAA Omnibus Rule further clarifies that BAs and subcontractors of BAs are directly liable for compliance with certain HIPAA Privacy and Security Requirements. This has calmed skeptics, resulting in a healthcare industry now actively looking to cloud-based solutions.

Protecting personal information and cloud security are a must by 2015. CLICK HERE for a free network assessment and choose Cognoscape for your HIPAA compliant managed IT services.