Blog

Big News: Azure NetApp Files is Now Ready for HIPAA

There’s big news for healthcare sector customers who want security and performance in the cloud: Patient data protected under the Health Insurance Portability and Accountability Act (HIPAA) is now covered under the Microsoft BAA, having undergone audits conducted by accredited independent auditors for the Microsoft ISO/IEC 27001 certification. This is an incredibly important distinction, especially since, according to IDC, healthcare’s data creation is growing the fastest of all industries, far exceeding the media sector and projected to match the financial services sector by 2025. To be fully realized, all that data needs a secure, high-speed, high-performance environment like Azure NetApp Files.

“Data is fundamentally changing the research enterprise and creating new extraordinary opportunities to learn things that were either un-learnable or would have taken generations.”

Stanford Medicine Faculty

The HIPAA law governs the use, disclosure, and safeguarding of protected health information (PHI) for healthcare providers and related healthcare companies, as well as associates, such as cloud service providers, that process PHI on their behalf. Azure NetApp Files can enable healthcare customers to meet, and exceed, their organizational goals as they shift sensitive patient data and critical infrastructure to the cloud, securely.

Azure NetApp Files is the ground-breaking service offered by Microsoft that solves performance and security challenges for organizations that want to move mission-critical applications to the cloud, including:

  • HPC – High performance computing at higher speeds than on premises
  • SAP – Certified for SAP as well as HIPAA
  • Linux – NFS and SMB file shares need zero code modifications to move to the cloud
  • Window Virtual Desktop (WVD) – Delivers a seamless user experience across any device
  • Oracle and SQL Server Workloads – Accessibility without latency

Taking Action with Azure NetApp Files

I recently spoke with Dave Nesvisky, Vice President of NetApp’s Healthcare division, about healthcare technology trends. He said: “Data is vital to the healthcare industry. As 2020 unfolds, the trend toward embracing the value of data – both historical and active - and using insights garnered from that data to deliver better, more accurate patient outcomes will intensify. Azure NetApp Files is the ideal platform to support data-driven care because it’s fast, scalable, simple to use, and secure.”

Azure NetApp Files is an innovative technology jointly engineered by Microsoft and NetApp that is redefining cloud file capabilities across every industry—a game-changer for the healthcare sector. Azure NetApp Files is ideal for the healthcare industry’s mission-critical big data workloads.

Built-in security capabilities ensure that your data is always protected in Azure, from always-on encryption to point-in-time data copies. Microsoft Azure offers a HIPAA “BAA as part of the Microsoft Online Services Terms to all customers who are covered entities or business associates under HIPAA for use of such in-scope Azure services.”

As a native service built directly in Azure, Azure NetApp Files keeps compliance simple. Clients get all the familiar benefits of a tier-one all-flash storage platform but delivered securely in the cloud. Fully managed file-shares allow customers to meet their business initiative of moving mission-critical applications to Azure.

The Indisputable Need for Compliance and Security

The future of healthcare, prediction, and prevention lies in the collaborative power of the cloud.

The U.S. Department of Health and Human Services states that a growing number of “providers are using clinical applications such as computerized physician order entry (CPOE) systems, electronic health records (EHRs), and radiology, pharmacy, and laboratory systems. Health plans are providing access to claims and care management, as well as member self-service applications. While this means that the medical workforce can be more mobile and efficient (i.e., physicians can check patient records and test results from wherever they are), the rise in the adoption rate of these technologies increases the potential security risks.”

As the industry reliance on data and technology increases, so too do the threats, making adherence to HIPAA more critical than ever.

Statistics from last year show a significant increase in healthcare breaches, leading to the healthcare records of 12.55 percent of the population of the United States exposed, impermissibly disclosed, or stolen. In 2019, 510 healthcare data breaches of 500 or more records were reported, a 196% increase over 2018. In fact, 2019 saw the report of more data breaches than any other year in history. There was a corresponding increase in records breached (37.47%) in 2019, increasing from 13,947,909 records in 2018 to 41,335,889 records in 2019.

Organizations that are found negligent, or in violation of HIPAA regulations, suffer severe penalties.

In 2019, ten HIPAA enforcement actions resulted in $12,274,000 in financial penalties being paid to the Office of Civil Rights to resolve HIPAA violations.

A study showed that "Not only has the number of attacks increased; more than 300 million records have been stolen since 2015, affecting about one in every ten healthcare consumers.”

The report authors write, “The dramatic rise in successful attacks by both criminal and nation-state-backed hackers illustrates how attractive and vulnerable these healthcare enterprises are to exploitation." The study showed that healthcare's struggles are often caused by legacy software. A research report from Forescout shows that most medical devices are operating on legacy platforms.

Forescout researchers write, "The costs of inaction can be staggering. Every second that a device remains noncompliant extends your window of vulnerability and increases your risk factor—exposing your healthcare organization to significant patient safety, financial, and business consequences.”

Take Action to Stay HIPAA Compliant

Take action to find out what Azure NetApp Files can do to keep your HIPAA protected data healthy, schedule a virtual VIP meeting here or reach out to me, Erin Ostrow, on LinkedIn.

Ready to get started with Azure NetApp Files? Register today.

 

 

 

-