HIPAA Compliance

Any organization maintaining or transmitting electronic Protected Health Information (ePHI) must comply with HIPAA. And that now includes business associates, like contractors and subcontractors that perform services on behalf of a covered entity. So if you find yourself under the HIPAA umbrella, you need a skilled team to help you prove compliance.

38North’s senior-level consultants currently support multiple healthcare and research providers, and we have significant experience measuring HIPAA compliance and implementing an arsenal of required safeguards. Trust Us to Get You There.

38North logo

38North Is Your HIPAA Cloud Advisor

HIPAA compliance has been around since the mid-1990s — longer than today’s modern cloud infrastructure. When healthcare met the cloud, the importance of HIPAA grew exponentially. And we go back to the very start of that intersection, as the original cloud security consultants — helping healthcare organizations protect ePHI in the cloud.

Core HIPAA / HITECH Rules and Requirements

HIPAA is comprised of three separate rules, each of which have specific requirements for the handling and disclosure of ePHI. Knowing what to do with which, and when, can sometimes be confusing.

Security Rule
Privacy Rule
Breach Notification Rule

Security Rule

The HIPAA Security rule requires administrative, physical and technical controls to be in place to protect ePHI. Risk assessments must be conducted to prevent unauthorized access, and covered entities and business associates must comply with the rules.

Privacy Rule

The HIPAA Privacy Rule establishes rules and regulations for the use and disclosure of personal health information, governs patient consent when it comes to data sharing, and outlines patient rights regarding their data.

Breach Notification Rule

The HIPAA Breach Notification Rule requires organizations to notify affected individuals, HHS, and in certain cases the media, if there is a potential risk of data breach.

38North HIPAA Compliance Services

We take a holistic view of your compliance challenges, integrate them into your existing information security and privacy programs, while remaining sensitive to your budgetary and resourcing constraints.

Let’s Get (and Keep) You HIPAA Compliant

Book an initial HIPAA compliance conversation with one of our global security experts today and we’ll show you how compliance can help open new markets and provide industry-leading assurance.

Contact Us

(Please do not provide additional PII in this box)
This field is for validation purposes and should be left unchanged.