What Is HIPAA Compliance?
HIPAA, the Health Insurance Portability and Accountability Act, sets the standard for protecting sensitive patient data. Any company that deals with protected health information (PHI) must ensure that all the required physical, network, and process security measures are in place and followed.
This includes covered entities (CE), meaning anyone who provides treatment, payment and operations in healthcare, and business associates (BA), meaning anyone who has access to patient information and provides support in treatment, payment or operations. Subcontractors, or business associates of business associates, must also be in compliance.
The HIPAA Privacy Rule addresses the saving, accessing and sharing of medical and personal information of any individual, while the HIPAA Security Rule more specifically outlines national security standards to protect health data created, received, maintained or transmitted electronically, also known as electronic protected health information (ePHI).
Explanation of HIPAA Compliant Hosting
Hosting a website or service that adheres to the HIPAA guidelines requires HIPAA compliant hosting. HIPAA recognizes all health care providers and their business associates as covered entities (CEs) and makes them responsible for safeguarding the privacy and security of identifying information. Some CEs, particularly smaller ones, don’t have the resources necessary to implement a system to handle and safeguard health data on their own, so they rely upon the services of HIPAA hosting.
It is important to note, however, that every HIPAA compliant hosting provider is a self-proclaimed service provider that advertises solutions to manage and maintain healthcare data under the rules and regulations established by HIPAA. There are no governing rules or bodies to determine whether a particular hosting provider is actually able to maintain a system that meets the requirements for compliance. CEs have to look beyond the advertised capabilities of hosting providers to determine their fit for the job.
The Complete List of Reputed HIPAA Compliant Hosting Providers
VM Racks is the leading HIPAA Compliant Hosting Provider in this field. It is a cloud provider offering a full suite of HIPAA compliant solutions including hosting, email, SFTP and more. They have a trademarked solution called True HIPAA Compliance™ which they use to guarantee their cloud hosting packages are 100% HIPAA compliant, and they sign BAAs for all customers. All of their HIPAA compliant plans are “managed”, meaning VM Racks does all of your monitoring, hardening, scanning, patching, and server security.
Pricing for Managed HIPAA Compliant Hosting starts at only $199 and includes 24/7 support.
FireHost is another leading HIPAA Compliant Hosting Provider; their recent addition is “Compliance as a Service”. FireHost has invested heavily in their healthcare hosting solutions in recent years. They offer HIPAA compliant server hosting along with several services to monitor and maintain HIPAA compliance.
SingleHop has a full suite of HIPAA compliant services. They combine bare metal HIPAA compliant server hosting with a private cloud for full redundancy. SingleHop has advanced protection and monitoring mechanisms in place to ensure full HIPAA compliance. As a HIPAA Compliant Hosting Provider, SingleHop offers custom-made solutions to each client’s requirements.
4. Liquid Web
Liquid Web is a HIPAA Compliant Hosting Provider offering solutions at the lower end of the price range, which makes them a great fit for a tighter budget. Their lower pricing doesn’t mean they compromise on quality or monitoring, as they have a very advanced HIPAA hosting setup and can testify they are HIPAA compliant with a Business Associate Agreement (BAA). Liquid Web is one of the largest hosting companies in the world, allowing them to provide their services cost-efficiently.
Liquid Web allows you to configure your own HIPAA compliant hosting solution with prices starting at around $700 per month.
LuxSci is an interesting HIPAA compliant hosting solution for those looking for a low-cost but good HIPAA compliant hosting provider. They take all necessary precautions to ensure HIPAA compliance, and they sign a BAA. The reason they can offer their low pricing is that they take a default server setup which you can make HIPAA compliant for a one-time fee. Their server infrastructure is already well equipped for handling HIPAA related hosting tasks.
Pricing starts at $100 a month for a low traffic website, but you can add extra server power and redundancy in the order process.
6. Online Tech
Online Tech is an enterprise-level HIPAA compliant hosting provider with full HIPAA compliance from data center to server. They provide HIPAA compliant cloud servers, dedicated servers and even co-location. Their entire product range and all data center locations are independently audited against the guidelines of the Department of Health & Human Services HIPAA audit protocol and they were found to be 100% compliant. You can request the audit report on their website.
Each HIPAA hosting solution is tailor-made, so you’ll need to request a quote to discuss your specific hosting requirements.
OnRamp offers much more than “just” HIPAA compliant hosting. Their offering comes with a whole range of HIPAA compliance services. OnRamp allows you to choose from 3 different HIPAA hosting solutions, with varying levels of control and monitoring. You can also decide to use their HIPAA Risk Management Tool.
To use OnRamp’s HIPAA hosting solution you start with a free consultation to discuss your needs.
Datapipe is a specialized HIPAA compliant hosting provider focussing on providing compliant hosting solutions for HIPAA, PCI DSS and SOX. For their HIPAA hosting product they added all required HIPAA HITECH to their already advanced PCI hosting solution, making sure it adheres to the HIPAA hosting guidelines. They offer both private and public cloud hosting, as well as a hybrid solution (combining both). Datapipe combines their HIPAA compliant web hosting solution with a whole range of monitoring and management solutions to allow for full hands-off hosting.
Datapipe is an enterprise-level HIPAA hosting provider and will provide a custom quote for each customer’s hosting requirements.
Connectria is an enterprise-level HIPAA compliant hosting provider at a mid-range pricing level. You can choose to host in their own data centre or with Amazon AWS, for which they build their own custom solution. Connectria partnered up with TripWire to offer HIPAA compliance monitoring. Connectria has a pretty aggressive SLA offering a 100% uptime guarantee as well as a 100% secure guarantee.
Pricing for a Connectria HIPAA hosting solution starts at $665 per month, but a custom quote needs to be made depending on your hosting requirements.
INetU is an enterprise level HIPAA compliant hosting provider company focussed on offering the best of the best and they’re pretty good at it. They basically don’t sell HIPAA hosting, but offer a whole suite of HIPAA management solutions, including hosting. Their Healthcare hosting solution consists of both HIPAA hosting and advanced monitoring. They offer a HIPAA compliance dashboard which provides insight into all of the required HIPAA activities and procedures. INetU has regular webinars to provide you with useful information regarding HIPAA compliant web hosting.
INetU makes a custom quote for each customer’s needs and requirements.
Atlantic offers a full range of HIPAA hosting and related HIPAA compliance products. You can choose them not only as a HIPAA compliant hosting provider, but also for more specialized HIPAA compliant database hosting, application hosting or backups. You can also decide to place your own servers in their HIPAA compliant data center. All of the products are combined with active and aggressive monitoring for security purposes.
Pricing for Atlantic HIPAA hosting starts at $385 per month for a HIPAA compliant dedicated server.
Carpathia, an enterprise-level HIPAA compliant hosting provider, positions itself as an industry leader by providing extensive white papers on healthcare security. Carpathia offers HIPAA compliant cloud hosting, managed hosting and co-location. They currently have a very advanced healthcare hosting solution in beta, called Healthcare Community Cloud Service.
Carpathia is a high-end enterprise-level HIPAA compliant hosting provider, where you get not only HIPAA compliant hosting but a full HIPAA compliant infrastructure, priced accordingly.
IMPORTANT NOTE: We would like to note that there is no governing body to monitor any HIPAA compliant hosting provider. HIPAA hosting is also a very complicated and serious legal matter. All viewers are advised to verify this information properly before finalizing any HIPAA compliant hosting provider to work with.