Research Article

HIPAA Compliance and Cloud Computing

by  Parshant Tyagi, Navdeep Aggarwal, Bhanu P. Dubey, Emmanuel S. Pilli
journal cover
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 70 - Issue 24
Published: May 2013
Authors: Parshant Tyagi, Navdeep Aggarwal, Bhanu P. Dubey, Emmanuel S. Pilli
10.5120/12215-8356
PDF

Parshant Tyagi, Navdeep Aggarwal, Bhanu P. Dubey, Emmanuel S. Pilli . HIPAA Compliance and Cloud Computing. International Journal of Computer Applications. 70, 24 (May 2013), 29-32. DOI=10.5120/12215-8356

                        @article{ 10.5120/12215-8356,
                        author  = { Parshant Tyagi,Navdeep Aggarwal,Bhanu P. Dubey,Emmanuel S. Pilli },
                        title   = { HIPAA Compliance and Cloud Computing },
                        journal = { International Journal of Computer Applications },
                        year    = { 2013 },
                        volume  = { 70 },
                        number  = { 24 },
                        pages   = { 29-32 },
                        doi     = { 10.5120/12215-8356 },
                        publisher = { Foundation of Computer Science (FCS), NY, USA }
                        }
                        %0 Journal Article
                        %D 2013
                        %A Parshant Tyagi
                        %A Navdeep Aggarwal
                        %A Bhanu P. Dubey
                        %A Emmanuel S. Pilli
                        %T HIPAA Compliance and Cloud Computing%T 
                        %J International Journal of Computer Applications
                        %V 70
                        %N 24
                        %P 29-32
                        %R 10.5120/12215-8356
                        %I Foundation of Computer Science (FCS), NY, USA
Abstract

The Health Insurance Portability and Accountability Act (HIPAA) privacy and security regulations are two crucial provisions in the protection of healthcare data. Governance, compliance and auditing are becoming as important pedagogical subjects as long established financial auditing and financial control. Designing sound IT governance, compliance, and auditing is a challenging task. This paper elaborates the concept of HIPAA compliance in cloud computing by taking a look at the history and dynamics. Cloud computing changes the astir of certain parts of HIPAA Security requirements. We briefly describe the cyber warfare as a premise to enforce the reasons for complying with government regulations for information systems. We discuss the compliance issues of HIPAA with specific reference to cloud computing.

References
  • Health Insurance Portability and Accountability Act of 1996 HIPAA.
  • "Health Insurance Portability Accountability Act of 1996 (HIPAA)," Centers for Medicare and Medicaid Services (1996) [Online]. Available: http://www. cms. hhs. gov/ hipaageninfo. (retrieved: 05/15/2006). wman,
  • L. Wei-Bin and L. Chien-Ding, 2008 "A Cryptographic Key Management Solution for HIPAA Privacy/Security Regulations," Information Technology in Biomedicine, IEEE Transactions on, vol. 12, no. 1, pp. 34-41.
  • TBGSECURITY, "Compliance Management," Available: http://tbgsecurity. com/tbg-basic/compliance-management.
  • Splunk, "Using Healthcare Machine Data for Operational Intelligence " 2013
  • Zavou, 2010, "An autopsy of data flows in cloud,"
  • D. T. Le Garen, 2011 "FISMA compliance and cloud computing," in Proceedings of the 2011 Information Security Curriculum Development Conference Kennesaw, Georgia: ACM.
  • Berghel, H. , 2012, Identity theft and financial fraud: Some strangeness in the proportions. Computer 45(1), 86.
  • Sophos: Groupon subsidiary leaks 300k logins, Fixes fail, fails again (2011 Jun), http://nakedsecurity. sophos. com/2011/06/30/groupon-subsidary-leaks-300k-logins-fixes-fails-fails-again/.
  • The Wall Street Journal: Google Discloses Privacy Glitch (2009), http:// blogs. wsj. com/digits/2009/03/08/1214/
  • Gens, F, October 2008, IT Cloud Services User Survey, pt. 2: Top Bene ts & Challenges. IDC, http://blogs. idc. com/ie/?p=210
  • Payment Card Industry Data Security Standard, https://www. pcisecuritystandards. org/security_standards/pc i_dss. shtml
  • FISMA:http://csrc. nist. gov/drivers/documents/FISMAfinal. Pdf
  • Gramm-Leach-Bliley Act (GLBA, the Financial Services Modernization Act), http://www. gpo. gov/fdsys/pkg /PLAW106publ102/contentdetail. html.
  • Sarbanes-Oxley Act 2002, U. S. Securities and Exchange Commission (effective July 30, 2002), http://www. sec. gov/about/laws/soa2002. pdf
  • T. D. Breaux, A. I. Anton, C. Karat, and J. Karat, "Enforceability vs. accountability in electronic policies," in Seventh IEEE International Workshop on Policies for Distributed Systems and Networks. pp. 4 pp. -230.
  • HHS. gov, (2013), "Health Information Privacy," Available: http://www. hhs. gov/ocr/privacy/
  • ISHERIFF, "HIPAA: Data Security and Privacy Compliance. "
  • C. D. o. H. C. Services, "HIPAA Standards Compliance Calendar,"Available:http://www. dhcs. ca. gov/formsandpubs/laws/hipaa/Pages/1. 10HIPAATitleInformatio
  • NETFORENSICS, "HIPAA, HITECH and the "Meaningful Use" of Log Management & SIEM:," 2010.
  • S. W. Jason Andress, Cyber Warfare: ELSEVIER, 2011.
  • A. Jason and W. Steve, Cyber warfare: techniques, tactics and tools for security practitioners: Syngress, 2011.
  • I. Gul, A. ur Rehman, and M. H. Islam, 2011, "Cloud computing security auditing," The 2nd International Conference on Next Generation Information Technology (ICNIT) , pp. 143-148.
  • D. Brand, 2012, "Internal Audit's Role in Cloud Computing," EDPACS, vol. 46, no. 2, pp. 1-10.
  • D. T. Le Garen, 2011, "FISMA compliance and cloud computing," in the 2011 Information Security Curriculum Development Conference Kennesaw, Georgia.
Index Terms
Computer Science
Information Sciences
No index terms available.
Keywords

Compliance Security policy cyber attacks

Powered by PhDFocusTM