cognitive cybersecurity intelligence

News and Analysis

Cloud security demands a shared strategy for HIPAA compliance

The HIPAA Security Rule, drafted in 1998, did not anticipate cloud computing. Now, healthcare organizations and cloud vendors must work together to determine security responsibilities. Each party has a role to play, with the cloud service provider (CSP) responsible for physical security and internal access controls, while the customer controls encryption and file permissions. The HIPAA Security Rule was not designed for this shared security model, but regulatory guidance has acknowledged its importance. Healthcare organizations must carefully assess their cloud hosting capabilities and risks to ensure a strong security program.

Source: –

Subscribe to newsletter

Subscribe to HEAL Security Dispatch for the latest healthcare cybersecurity news and analysis.

More Posts

Randall Munroe’s XKCD ‘Lying’

The article discusses a comic related to ‘Lying’ presented by Randall Munroe, the creator of XKCD, known for his distinctive comic artistry and dry humor.