Sitemaps
Experts

Elliot Murphy

DevOps, Security, HIPAA, Digital Health tech

Bio

President Kindly Ops, a DevOps services company. Formerly CTO for CommonGround (Behavioral health), VP Cloud Development and Operations at Canonical, Ubuntu developer, Director MySQL Server Engineering. Obsessed with bending technology to serve real people.

Recent Answers

Healthcare

What does it take to set up a HIPAA compliant infrastructure?


Elliot Murphy

DevOps, Security, HIPAA, Digital Health tech

For AWS, it costs about $1500 a month minimum because you have to use dedicated EC2 instances. However, if you are already at the point of spending that much per month in EC2 instances anyway, it won't cost much more - it's just that becomes the minimum cost even for a single EC2 server. There are many AWS services that are not on the HIPAA/BAA approved list, so you'll have to take that into consideration. By far the most expensive thing is the time it takes to train all your staff and put in place the appropriate administrative controls to ensure that data is safeguarded and patches are put in place. It's not that expensive to be HIPAA compliant, and if you aren't HIPAA compliant you are likely doing a very bad job of security. I always advise folks to do a good enough job with security (encryption, backups, proper oversight) that everything is HIPAA compliant even if it doesn't have to be. Also, ever since the 2013 omnibus rule, the HIPAA rules flow out to infrastructure providers even if their product seems to not be specifically about health data - if you have a customer that passes health data through your systems, you are on the hook. Even if your product is very generic like a helpdesk ticketing system.

Contact on Clarity

$

5.83

/min

5.0 Rating


Schedule a Call
Send Message

Stats

1

Answers

2

Calls

Areas of Expertise

Open Source SoftwareCloud SecurityDistributed SystemsHealthcare Information TechnologyDatabasesCloud StorageDynamic LanguagesHIPAASoftware LicensingDistributed Team Management