There is a big push in the business world to move workflows and applications into the cloud. This push is in an effort to accomplish the following:
- Reduce overhead
- Enterprise scalability
- Minimize costs
The issue with employing some of these solutions in a medical business is that some of them require the need to comply with HIPAA laws, which doesn’t always work well with certain cloud platforms like AWS or Microsoft Azure.
Fortunately, there are provisions in place for these cloud providers to meet HIPAA compliance needs.
AWS readily provides Business Associate Agreement (BAA); however, you’re required to ensure that you host your own application(s). One issue with this is that dedicated instances have the drawback of being more expensive than shared instances.
At the same time, using them ensures that your VM will not have to split any resources with others. AWS also requires that apps be able to handle data-in-transition encryption, access controls and auditing.