Verizon Launches HIPAA-Compliant Cloud Services

Last month, I shared some of Verizon’s big plans for the medical space with you, including their desire to become the industry’s default carrier of secure healthcare data.  This week, Verizon has launched its cloud service line, and I wanted to share some of the details on how it’s set up with you.

Verizon’s Enterprise Solutions division is offering five “healthcare-enabled” services, including colocation, managed hosting, enterprise cloud, an “enterprise cloud express edition” and enterprise cloud private edition. In addition to the services, Verizon provides a HIPAA Business Associate Agreement which, one would assume, is particularly stringent in how it safeguards data storage and tranmission between parties.

The new Verizon services will be offered through cloud-enabled data centers in Miami and Culpeper, Va. run by Terremark, which Verizon acquired some time ago. Security standards include PCI-DSS Level 1 compliance, ITIL v3-based best practices and facility clearances up to the Department of Defense, Verizon reports.

In addition to meeting physical standards for HIPAA compliance, Verizon has trained workers at the former Terremark facilities on the specifics of handling ePHI, Verizon exec Dr. Peter Tippett told Computerworld magazine.

You won’t be surprised to learn that Verizon is also pitching its (doubtless very expensive) health IT consulting services as well to help clients take advantage of all of this cloud wonderfulness.

Not surprisingly, Verizon notes in its press release that “each client remains responsible for ensuring that it complies with  HIPAA and all other applicable laws and applications.”  If I were Verizon, I’d be saying that too, and doubtless states the obvious. That being said, it does make me wonder just how much they manage to opt out of in their business associate agreement.  Call me crazy, but I think they’d want to leave as much wiggle room as humanly possible.

The bigger question, as I see it, is how big the market for these services really is at present. According to the Computerworld story, only 16.5 percent of healthcare providers use public or private clouds right now. Verizon may be able to turn things around on the strength of its brand alone, but there’s no g uarantees. I guess we’ll have to wait and see.

About the author

Anne Zieger

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

5 Comments

  • CAAS, Compliancy As A Service…or something very much like that. I’ve been pitching this opportunity to cloud-based persistency vendors targeting mobility (iOS, Android) for some time. I am particularly focused in private practice healthcare, in which innovation has been stymied by HIPAA. Offering this service makes perfect sense, especially in private practice healthcare. And you get interoperability (core #14) out of the box for all users on the platform.

  • I can see smaller hospitals going this route so they can avoid having to have a substantial data center staff. Concept certainly makes sense. But I wonder, from my experience with their business line services over the years, how many different Verizon entities you will have to chase down when trying to get started or when something goes wrong. Still, if they do it right, this could be a very good thing.

Click here to post a comment
   

Categories