HIPAA Compliance and Cloud Computing

Parshant Tyagi; Navdeep Aggarwal; Bhanu P. Dubey; Emmanuel S. Pilli

Research Article

HIPAA Compliance and Cloud Computing

by Parshant Tyagi, Navdeep Aggarwal, Bhanu P. Dubey, Emmanuel S. Pilli

International Journal of Computer Applications

Foundation of Computer Science (FCS), NY, USA

Volume 70 - Issue 24

Published: May 2013

Authors: Parshant Tyagi, Navdeep Aggarwal, Bhanu P. Dubey, Emmanuel S. Pilli

10.5120/12215-8356

PDF

Parshant Tyagi, Navdeep Aggarwal, Bhanu P. Dubey, Emmanuel S. Pilli . HIPAA Compliance and Cloud Computing. International Journal of Computer Applications. 70, 24 (May 2013), 29-32. DOI=10.5120/12215-8356

                        @article{ 10.5120/12215-8356,
                        author  = { Parshant Tyagi,Navdeep Aggarwal,Bhanu P. Dubey,Emmanuel S. Pilli },
                        title   = { HIPAA Compliance and Cloud Computing },
                        journal = { International Journal of Computer Applications },
                        year    = { 2013 },
                        volume  = { 70 },
                        number  = { 24 },
                        pages   = { 29-32 },
                        doi     = { 10.5120/12215-8356 },
                        publisher = { Foundation of Computer Science (FCS), NY, USA }
                        }

                        %0 Journal Article
                        %D 2013
                        %A Parshant Tyagi
                        %A Navdeep Aggarwal
                        %A Bhanu P. Dubey
                        %A Emmanuel S. Pilli
                        %T HIPAA Compliance and Cloud Computing%T 
                        %J International Journal of Computer Applications
                        %V 70
                        %N 24
                        %P 29-32
                        %R 10.5120/12215-8356
                        %I Foundation of Computer Science (FCS), NY, USA

Abstract

The Health Insurance Portability and Accountability Act (HIPAA) privacy and security regulations are two crucial provisions in the protection of healthcare data. Governance, compliance and auditing are becoming as important pedagogical subjects as long established financial auditing and financial control. Designing sound IT governance, compliance, and auditing is a challenging task. This paper elaborates the concept of HIPAA compliance in cloud computing by taking a look at the history and dynamics. Cloud computing changes the astir of certain parts of HIPAA Security requirements. We briefly describe the cyber warfare as a premise to enforce the reasons for complying with government regulations for information systems. We discuss the compliance issues of HIPAA with specific reference to cloud computing.

References

Health Insurance Portability and Accountability Act of 1996 HIPAA.
"Health Insurance Portability Accountability Act of 1996 (HIPAA)," Centers for Medicare and Medicaid Services (1996) [Online]. Available: http://www. cms. hhs. gov/ hipaageninfo. (retrieved: 05/15/2006). wman,
L. Wei-Bin and L. Chien-Ding, 2008 "A Cryptographic Key Management Solution for HIPAA Privacy/Security Regulations," Information Technology in Biomedicine, IEEE Transactions on, vol. 12, no. 1, pp. 34-41.
TBGSECURITY, "Compliance Management," Available: http://tbgsecurity. com/tbg-basic/compliance-management.
Splunk, "Using Healthcare Machine Data for Operational Intelligence " 2013
Zavou, 2010, "An autopsy of data flows in cloud,"
D. T. Le Garen, 2011 "FISMA compliance and cloud computing," in Proceedings of the 2011 Information Security Curriculum Development Conference Kennesaw, Georgia: ACM.
Berghel, H. , 2012, Identity theft and financial fraud: Some strangeness in the proportions. Computer 45(1), 86.
Sophos: Groupon subsidiary leaks 300k logins, Fixes fail, fails again (2011 Jun), http://nakedsecurity. sophos. com/2011/06/30/groupon-subsidary-leaks-300k-logins-fixes-fails-fails-again/.
The Wall Street Journal: Google Discloses Privacy Glitch (2009), http:// blogs. wsj. com/digits/2009/03/08/1214/
Gens, F, October 2008, IT Cloud Services User Survey, pt. 2: Top Bene ts & Challenges. IDC, http://blogs. idc. com/ie/?p=210
Payment Card Industry Data Security Standard, https://www. pcisecuritystandards. org/security_standards/pc i_dss. shtml
FISMA:http://csrc. nist. gov/drivers/documents/FISMAfinal. Pdf
Gramm-Leach-Bliley Act (GLBA, the Financial Services Modernization Act), http://www. gpo. gov/fdsys/pkg /PLAW106publ102/contentdetail. html.
Sarbanes-Oxley Act 2002, U. S. Securities and Exchange Commission (effective July 30, 2002), http://www. sec. gov/about/laws/soa2002. pdf
T. D. Breaux, A. I. Anton, C. Karat, and J. Karat, "Enforceability vs. accountability in electronic policies," in Seventh IEEE International Workshop on Policies for Distributed Systems and Networks. pp. 4 pp. -230.
HHS. gov, (2013), "Health Information Privacy," Available: http://www. hhs. gov/ocr/privacy/
ISHERIFF, "HIPAA: Data Security and Privacy Compliance. "
C. D. o. H. C. Services, "HIPAA Standards Compliance Calendar,"Available:http://www. dhcs. ca. gov/formsandpubs/laws/hipaa/Pages/1. 10HIPAATitleInformatio
NETFORENSICS, "HIPAA, HITECH and the "Meaningful Use" of Log Management & SIEM:," 2010.
S. W. Jason Andress, Cyber Warfare: ELSEVIER, 2011.
A. Jason and W. Steve, Cyber warfare: techniques, tactics and tools for security practitioners: Syngress, 2011.
I. Gul, A. ur Rehman, and M. H. Islam, 2011, "Cloud computing security auditing," The 2nd International Conference on Next Generation Information Technology (ICNIT) , pp. 143-148.
D. Brand, 2012, "Internal Audit's Role in Cloud Computing," EDPACS, vol. 46, no. 2, pp. 1-10.
D. T. Le Garen, 2011, "FISMA compliance and cloud computing," in the 2011 Information Security Curriculum Development Conference Kennesaw, Georgia.

Index Terms

Computer Science

Information Sciences

No index terms available.

Keywords

Compliance Security policy cyber attacks