The Cloud Shared Responsibility Model

Many public cloud platforms can be configured for use in healthcare applications. Specific safeguards must me addressed for managing and monitoring HIPAA compliance.

What Makes The Cloud HIPAA Compliant?

Many public cloud platforms can be configured for use in healthcare applications. Specific safeguards must be addressed for managing and monitoring HIPAA compliance.

Administrative Safeguards

Written policies and procedures, staff training, contingency planning, monitoring and policy review

Technical Safeguards

Encryption, data integrity, authentication, backup and failover, auditing and logging

Physical Safeguards

There is a bunch of useful and necessary elements for developing your website.

Cloud Compliance: A Joint Effort

HIPAA compliance is a joint effort between cloud providers and your organization. It is a constant process of review, monitoring, and maintaining. Public cloud providers such as Google Cloud Platform (GCP) and Amazon Web Services (AWS) typically provide Business Associates Agreement (BAA) that dictates specific cloud services may be configured for HIPAA compliance and layout technical and physical safeguards. It is the responsibility of the organization to properly configure their cloud environment, create organizational policies, and develop applications that meet HIPAA compliance standards.

Learn how Dash helps organizations manage HIPAA responsibilities.

The Shared Responsibility Model

Unpacking the requirements for maintaining HIPAA compliance in the public cloud

Cloud Provider Responsibilities

Cloud platforms are responsible for security and compliance
OF the Cloud.

  • Physical Access Controls
  • Data Access and Disposal
  • Internal Networking

Cloud Provider Responsibilities

Your Responsibilities

Your organization is responsible for security and compliance
IN the cloud.

  • Staff and Organizational Policies
  • Backup and Disaster Recovery
  • Service Availability and Failover
  • Auditing and Logging
  • Firewall Configuration
  • Data Storage and Encryption
  • Policies

Your Responsibilities

Explore Dash ComplyOps

See how Dash’s platform automates organization’s administrative and technical controls.

Learn More

Download Guide To Cloud Compliance

Download Dash’s guide to managing HIPAA compliance in the public cloud.

Download Whitepaper

Visit The Knowledge Center

View FAQs and learn more about HIPAA, cloud computing, and cybersecurity.

Explore Knowledge Base

Ready To Automate Compliance In The Cloud?

See how teams manage cloud compliance program with the Dash ComplyOps Platform.

Request A Demo
AWS Partner Healthcare Competency