HIPAA Compliance Certification
What is HIPAA?
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) was enacted by the United States Congress and signed by President Bill Clinton in 1996. Title I of HIPAA protects health insurance coverage for workers and their families when they change or lose their jobs. Title II of HIPAA, known as the Administrative Simplification (AS) provisions, requires the establishment of national standards for electronic health care transactions and national identifiers for providers, health insurance plans, and employers.
The U.S. Department of Health and Human Services (HHS) published the HIPAA Privacy Rule in December 2000, which was later modified in August 2002. This Rule set national standards for the protection of individually identifiable health. Compliance with the Privacy Rule was required as of April 14, 2003 (April 14, 2004, for small health plans).
HHS published the HIPAA Security Rule in February 2003. The Security Rule establishes national standards to protect individuals’ electronic personal health information that is created, received, used, or maintained by a covered entity. The Security Rule requires appropriate administrative, physical and technical safeguards to ensure the confidentiality, integrity, and security of electronic protected health information. Compliance with the Security Rule was required as of April 20, 2005 (April 20, 2006 for small health plans).
The Office of Civil Rights (OCR) administers and enforces the Privacy Rule and the Security Rule. Other HIPAA Administrative Simplification Rules are administered and enforced by the Centers for Medicare & Medicaid Services.
The Enforcement Rule provides standards for the enforcement of all the Administrative Simplification Rules.
All of the HIPAA Administrative Simplification Rules are located at 45 CFR Parts 160, 162, and 164. The Security Rule is located at 45 CFR Part 160 and Subparts A and C of Part 164.
View the combined regulation text of all HIPAA Administrative Simplification Regulations found at 45 CFR 160, 162, and 164.
Evocative Data Center Certified & Compliant Data Centers
|Location||PCDSS 3.0||ISAE 3402||HIPAA||SSAE 16||SOC 2|
Third-party audit conducted by A-lign. A copy of the report is available upon request.
How does HIPAA certification benefit our customers?
365 Data Centers’ compliance with the relevant sections of the HIPAA Security Rule enables covered entities, such as, health care providers, health plans and health care clearing houses, to accelerate their compliance with HIPAA requirements to protect the privacy and security of health information.
Covered entities would engage 365 Data Centers as a Business to help it carry out its health care activities and functions. Upon request, 365 Data Centers will provide a written Business Associate Agreement (BAA) demonstrates our specific HIPAA compliance with the Security Rules’ requirements.
Are Evocative Data Centers’ HIPAA audit reports available to review?
Yes, Evocative Data Centers’ HIPAA audit report is available to customers and qualified prospective customers and partners upon request. Please contact us for more information or to request a copy of our HIPAA audit report.
Will Evocative Data Centers provide a signed HIPAA Business Associate Agreement?
Yes, Evocative Data Centers will provide a written Business Associate Agreement (BAA) to covered entities upon upon request. Please contact us for more information or to request written BAA.