If my service providers claim that they are HIPAA compliant, does it mean my business is HIPAA compliant?
No. Your cloud service provider can help you meet many of the physical and technical requirements of the HIPAA Security Rule, such as secure data centers and networks. However, your business is ultimately responsible for your HIPAA compliance. Your business is responsible for administrative safeguards mandated by HIPAA, such as policies and procedures, risk management, monitoring and audit, and for application security, such as access control. Your cloud service provider gives little or no support for the requirements outlined in the HIPAA Privacy Rules through the BAA.
We can help ensure your business is HIPAA compliant. Get a free privacy assessment to find out if your business is HIPAA compliant.