| Sorry, totally misinterpreted that. > but I was here asking if you had to make any changes to keep abreast of changing regulations. No, we haven't. Not yet. > If Azure is somehow keeping track of all "changing regulations" for you (including business needs) and you've never had to worry about it, that's good to know. I would still be interested in any specific details if you're aware of it. I get your question know. So, when I was referring to Microsoft and HIPAA it was primarily around this side of things: https://learn.microsoft.com/en-us/azure/compliance/offerings... You do bring up a good point and I shouldn't have implied otherwise that it can handle everything for you. So yes, there is a ton of other stuff that isn't magically handled by you such as identifying PHI and stuff. That being said, they have a whole suite of analytical and machine learning tools that will help you do this. But since you mentioned policy changes, https://www.cms.gov/priorities/key-initiatives/burden-reduct... this is big and will have wide-reaching consequences and things like the ability to export patient data isn't necessarily baked into Azure. BUT, they do have this healthcare platform they're building like this stuff https://learn.microsoft.com/en-us/dynamics365/industry/healt... that I would imagine would provide a bit more coverage on those types of changes than something you're building yourself. Here's a deidentification service that can be integrated: https://learn.microsoft.com/en-us/azure/healthcare-apis/deid... |