|
|
|
|
|
|
by tubbzor
3965 days ago
|
|
|
I'm currently working on a cloud-based healthcare idea also. My team and I have been wrangling with the compliant systems and services out there for handling this problem too. The crux really lies in the logistics of the HIPAA standard as every healthcare service storing or transmitting patient information must comply with _at least_ these regulations. Each hospital is liable to run their own EHR system which makes it extremely hard to integrate directly with them in a single broad stroke. > Am I right to assume that it's nearly impossible to set up a cloud database that is accessed directly from, say, the OR of a hospital? It depends on you, the employees, and the hospital. HIPAA basically focuses on 3 factors for securing and storing sensitive data: (1) Physical data security, (2) Security of data in transit, and (3) Training of personnel with access to the data. Amazon has HIPAA services that handle (1), 3rd party services like you mentioned above or you can handle yourself for (2), and also 3rd party services or yourself can handle (3). Assuming you have (1) and (2) squared away, and assuming the employees in the OR have the proper training, there should be no compliance violation. |
|
|