vali_111 - Fotolia

Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

Despite bad rap, HIPAA omnibus rule helps sustain health IT

Shared accountability among vendors for data breaches is one reason the HIPAA omnibus rule is helping expand cloud usage in the health IT realm.

This article can also be found in the Premium Editorial Download: Pulse: Health IT data market sees a push for VNA systems adoption:

This is the second of two parts; read the first here.

The Apple, Target and Amazon issues this year have not affected Dell Healthcare Solutions' cloud business, which continue to expand, said chief medical officer Cliff Bleustein, M.D., and Paul Christman, VP of its public sector group. They concur that the tenets of the HIPAA omnibus rule -- basic as they may be, considering many vendors use HIPAA-compliant encryption and other data security practices as a baseline and build from there -- is helping fuel the growth of the health IT cloud.

One specific component of the HIPAA omnibus rule driving business, Bleustein said, is new business associate agreements that make vendors equally accountable for data breaches. That has made it easier for healthcare providers to enter into agreements with cloud vendors.

"We've been hosting environments within healthcare across multiple applications for many years and are very comfortable with that entire process," Bleustein said. "We continue to grow our cloud business across different platforms, year over year, and we're expecting to continue to grow that."

Christman pointed out that many reported electronic health data breaches on the HHS Office of Civil Rights' HIPAA "wall of shame" could have been prevented by simply turning on encryption. "All the lost or stolen laptops, lost or stolen server drives, lost or stolen backup tapes, all of them [were] unencrypted," he said. "That's a solvable problem."

Wal-Mart, health system looking to cloud

Ben Wanamaker, senior manager of Strategy and Operations for Wal-Mart health services, which runs the retailer's burgeoning in-store Care Clinics, said that Wal-Mart's overall corporate IT strategy tends to be guarded in general and cautious about data security in particular. This approach has served the company well, leaders feel, because they've so far steered clear of headline-making data breaches on a scale fit for a company earning $500 million in annual revenue.

That doesn't mean Wal-Mart clinics won't be on the cloud eventually, as the big-box giant wades into retail healthcare. It opened clinics at six stores last summer and plans to open another six by January.

"I haven't heard them comment negatively about cloud," said Wanamaker, who pointed out he's neither a technologist nor expert on IT architecture. That being said, he added that, "there's a lot more to the answer than, 'Is it in the cloud or not?' If it's there and it works, then great."

Cloud won't slow down emergency medicine services company

The health IT cloud is the way to go, and healthcare organizations that are reluctant to use cloud vendors -- or that would be scared off by the Target, Apple and Amazon anecdotes -- are "old-school," said Dominic Bagnoli Jr., M.D., CEO of Emergency Medicine Physicians.

His rapidly expanding company started with staffing for hospital emergency departments. Since then, the company added emergency department management services, medical practice back-office operations, a third-party collections company and a medical malpractice insurance organization.

"There's so much data out there, there will always be something that [goes wrong] somewhere and everyone doubts the whole system," Bagnoli said. "But, if one car breaks down we're never going to drive again? It doesn't bother me at all."

Let us know what you think about the story; email Don Fluckinger, news director or contact @DonFluckinger on Twitter.

Next Steps

Judy Faulkner says large providers aren't buying into cloud

Learn more about common myths stunt cloud use in healthcare

Read about how the HIPAA omnibus rule changes the duties of HIPAA-covered entities

This was last published in October 2014

Dig Deeper on HIPAA (Health Insurance Portability and Accountability Act)

PRO+

Content

Find more PRO+ content and other member only offers, here.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

SearchCompliance

SearchCIO

SearchCloudComputing

SearchMobileComputing

SearchSecurity

SearchStorage

Close