Cloud computing allows users to access data stored in the cloud from anywhere with an internet connection. Because of its ease of use, using the cloud to store business and patient data has become standard best practices for most businesses across every industry. However as of late, with the rise of remote workers and the scramble to quickly adopt remote working practices, many businesses have fallen short in protecting their data. To provide guidance on HIPAA compliance and cloud computing, how you can use cloud software and comply with HIPAA is discussed.

Guidance on HIPAA and Cloud Computing: Security Threats and Security Measures

Guidance on HIPAA and Cloud Computing

2020 saw a huge increase in cloud computing, and as such, cybersecurity threats have increased. A recent study determined that there was a 10% increase in healthcare web application attacks, with an average of 187 million attacks a month. 

Proceeding a string of cyberattacks targeting remote workers, the FBI issued a warning, and the CISA provided guidance on bolstering cloud security

Some of CISA’s recommendations include:

  • Implement MFA for all users, without exception.
  • Focus on awareness and training. Make employees aware of the threats—such as phishing scams—and how they are delivered. Additionally, provide users training on information security principles and techniques as well as overall emerging cybersecurity risks and vulnerabilities.
  • Implement conditional access (CA) policies based upon your organization’s needs.
  • Establish a baseline for normal network activity within your environment.
  • Ensure user access logging is enabled. Forward logs to a security information and event management appliance for aggregation and monitoring so as to not lose visibility on logs outside of logging periods.
  • Establish blame-free employee reporting and ensure that employees know who to contact when they see suspicious activity or when they believe they have been a victim of a cyberattack. This will ensure that the proper established mitigation strategy can be employed quickly and efficiently.

For more information on CISA’s recommendations, please click here.

Let’s Simplify Compliance

Do you need help with HIPAA and cloud computing? Compliancy Group can help!

Learn More!
HIPAA Seal of Compliance

Many of the above-mentioned recommendations directly tie into guidance on HIPAA and cloud computing. This is because many of these practices are required by the HIPAA Security, Privacy, or Breach Notifi