Verizon Cloud Services Agrees to Sign BAA

Earlier this month Verizon announced its cloud services aimed at healthcare providers.  These services are designed to be HIPAA compliant including providing the necessary physical, technical and administrative safeguards required by the HIPAA Security Rule.  Most notably with this announcement, Verizon has agreed to execute a Business Associate Agreement.  Verizon’s press release expresses its commitment to top security protocols and offers a cloud hosting possibility to traditional healthcare companies that self-host.  Verizon touts the cloud services as a safe, secure and fast mechanism for healthcare providers to efficiently share information with one another.

Verizon is not the only vendor attracting healthcare clients with HIPAA compliance and Business Associate Agreements.  Microsoft announced earlier in the summer its willingness to execute Business Associate Agreements as well with its Windows Azure Core Services.  Amazon has even published a white paper on HIPAA compliance when using its Amazon Web Services platform.

Though willingness to sign a Business Associate Agreement is significant, as well as the acknowledgement that these companies are subject to the HIPAA requirements (per the HITECH Act) healthcare providers contracting with Verizon, Amazon, Microsoft, or any other company should make sure that they are adequately protected, which not only includes the implementation of security safeguards but also sufficient indemnification provisions in case of a breach.  For more information about HIPAA and Business Associate Agreements please contact Elana Zana or Dave Schoolcraft.