What is HIPAA?

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a U.S. legislation that provides data privacy and security provisions for safeguarding medical information.

In order to be HIPAA compliant, a business needs to comply with the applicable HIPAA rules and regulations. This includes having in place a framework for protecting protected health information (PHI), and making sure the company does not violate HIPAA regulations.

HIPAA applies to covered entities and their business associates. A covered entity is a healthcare provider, a health plan, or a healthcare clearinghouse. A business associate is a person or entity that performs certain functions on behalf of a covered entity and handles PHI.


Does HIPAA apply to cloud services?

HIPAA applies to cloud services that handle PHI. HIPAA-compliant cloud services are referred to as cloud business associates. Cloud business associates must comply with HIPAA, and covered entities are required to enter into a business associate agreement with them.

Download additional compliance reports from the Exoscale compliance center.


Contact our Compliance Team

A doubt? Unsure if we comply to a specific regulation not listed here?

Contact our Compliance Team and let us know your requirements. It may be covered by other certifications or regulations we comply to.