Patient Privacy Rights asks HHS for guidance on cloud security

The Department of Health and Human Services has reached a $100,000 HIPAA settlement with Phoenix Cardiac Surgery over a violation that occurred between 2007 and 2009. Patient Privacy Rights is advocating for HHS to regulate cloud use in healthcare to protect patient data. They recommend creating cloud-computing guidelines around secure infrastructure, security standards, and business associate agreements. Cloud providers and the healthcare industry could benefit from education and guidance on applying federal privacy and security rules in the cloud.