Helping you stay compliant<\/a> Taking a holistic approach to cybersecurity<\/a> Protecting the privacy of PHI and other data<\/a> Flexibility to digitally transform your way<\/a> A cloud you can trust<\/a> Additional Resources<\/a><\/p>\n In order for your health organisation to digitally transform and realise the benefits of the cloud, you must be willing to entrust your cloud provider with one of your most valuable assets \u2013 your data. Whether you\u2019re just starting to migrate your email or imaging storage to the cloud or you\u2019re considering using cloud-based clinical systems, you need to be able to trust the technology you\u2019re using. Trust is essential as you move datasets containing protected health information (PHI), including patient demographics and treatment information, to the cloud. It\u2019s critical as you share data across the health ecosystem, and expand how and where health professionals and patients access confidential information. So wherever you are on your journey to the cloud, it\u2019s vital to work with a service provider that you can trust. Not all clouds are created equal \u2013 it\u2019s crucial to check the facts and know what you\u2019re getting:<\/p>\n Below we cover these key considerations for health organisations as they begin or extend their use of the cloud. And we offer information and resources to help you find answers to your questions and understand how we earn our health customers\u2019 trust in our cloud services. <\/a><\/p>\n You know how complicated \u2013 and ever-changing \u2013 compliance requirements can be in the health industry. You need to be able to trust that your cloud service provider knows, too. Is it keeping up with the latest regulations in health? What\u2019s its history when it comes to compliance leadership? Microsoft has been involved with health industry standards groups and consortiums of customers and partners around the world for more than a decade. We behave and are audited like a healthcare covered entity across technical, physical and administrative safeguards. And we\u2019re proud of leading the way when it comes to offering cloud services that can help health organisations maintain compliance with applicable laws, regulations and key international standards. For example, we recently announced that Microsoft Azure is one of the first hyper-scale cloud computing platforms to become HITRUST CSF Certified<\/a>. We were also the first hyper-scale cloud vendor to offer a HIPAA business associates agreement (BAA)<\/a>. And we offer more covered services than any other cloud provider under one umbrella HIPAA BAA to help health organisations have the choice and flexibility they need while streamlining their compliance efforts. Our HIPAA BAA covers cloud services for productivity and collaboration, patient relationship management, analytics, application hosting, data storage and application and device management. And we\u2019re always adding more, so keep checking the list of services<\/a> covered. To help your health organisation comply with national, regional and industry-specific requirements governing the collection and use of sensitive data, Microsoft offers the most comprehensive set of compliance offerings<\/a> of any cloud service provider. Our cloud services operate with a cloud control framework, which aligns controls with multiple regulatory standards. We design and build our cloud services using a common set of controls, which streamlines compliance across a range of regulations not only for today, but for tomorrow as well. Then we engage independent auditors to perform in-depth audits of the implementation and effectiveness of these controls.<\/p>\n <\/a><\/p>\n Your health organisation is likely realising that security isn\u2019t just about complying with regulations. And it isn\u2019t just about your cloud services. Weakness anywhere in your technology stack can undermine security applied to other areas. To avoid technology breaches and cyberattacks \u2013 which are so often in the news these days \u2013 you need to take an end-to-end approach to protecting your data and infrastructure. You need an approach that helps you answer questions like:<\/p>\n Most cybercriminal schemes are successful because authentication controls and activity auditing around people, machines, software and data are lacking. We manage our cloud infrastructure across all these areas. When you put your infrastructure in our cloud, we manage the systems and software you use, and protect your data with strong security controls and sound processes that are independently verified. And we have a portfolio of technologies that can help you prevent and mitigate breaches in areas you manage: the identities of your people, their devices and the software and data on their devices. Microsoft builds security into our products and services<\/a> from the start. That\u2019s how we deliver a comprehensive, agile platform to better protect your endpoints, move faster to detect threats and respond to security breaches across even the largest of organisations. We offer industry-leading security, including encryption \u2013 at no additional cost, plus robust anti-virus, anti-threat and other security features.<\/p>\n <\/a><\/p>\n When you use cloud services, you want to trust that the privacy of PHI and other data will be protected. You want to know that you still own and control the data you\u2019re putting in the cloud and have visibility into how it\u2019s being stored and processed. At Microsoft, we understand that when our customers put their data in our cloud, it\u2019s their data, not ours. When you use our cloud services, you have control over the collection, use and distribution of your data:<\/p>\n What\u2019s more, our time-tested approach to privacy is grounded in the Microsoft Privacy Standard and the Microsoft Security Development Lifecycle<\/a>. Third-party audits and certifications validate our rigorous technical development standards and help ensure that privacy and data protections are systematically implemented. For example, Microsoft was the first major cloud provider to incorporate the first international code of practice for cloud privacy, ISO\/IEC 27018<\/a>. We also back those protections with strong contractual commitments.<\/p>\n <\/a><\/p>\n Digital transformation in health is a journey, not a destination. So you need to be able to trust that your cloud service provider can offer you the choice and flexibility you need not only today, but into the future. Whether you need to better engage patients, empower care teams, optimise clinical and operational effectiveness, or transform the care continuum, you can choose from the wide range of cloud eHealth solutions from Microsoft and our partners to help you achieve your goals. That means that rather than piecing together solutions using different cloud platforms, you can take advantage of the interoperability of our comprehensive set of Microsoft cloud services. You can also move to the cloud at your own pace. Our hybrid cloud solutions<\/a> enable you to use a combination of on-premises and cloud services. By using eHealth solutions that are built to work together, you can streamline security and administration across your infrastructure \u2013 and save money.<\/p>\n <\/a><\/p>\n With eHealth solutions from Microsoft and our partners, you not only benefit from our deep compliance, security and privacy experience and long history of health industry collaboration, but also choice and flexibility to digitally transform your way. It\u2019s how we\u2019ve earned the trust of our health customers around the world that are using the Microsoft Cloud to empower better health for their communities. In the U.S. alone, more than 35,000 health organisations use our cloud services. <\/a><\/p>\n Cybersecurity in Health eBook<\/a> We hope the information above helps you begin to check the facts as you take advantage of the cloud to help you improve care quality and efficiency, while reducing costs. To learn more, visit the Microsoft Trust Centre<\/a>. It offers detailed security, privacy and compliance information and resources for all Microsoft cloud services. And if you have any questions or comments, please reach out to us via email<\/a>, Facebook<\/a> or Twitter<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":" To digitally transform your health organisation, you must entrust your cloud provider with your data. Check the facts in this article. <\/p>\n","protected":false},"author":223,"featured_media":1034,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"ep_exclude_from_search":false,"_classifai_error":"","footnotes":""},"categories":[143],"post_tag":[],"content-type":[],"coauthors":[24],"class_list":["post-395","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-health"],"yoast_head":"\n\n
\n
\n\n
Helping you stay compliant<\/h2>\n
\n
Taking a holistic approach to cybersecurity<\/h2>\n
\n
\n
Protecting the privacy of PHI and other data<\/h2>\n
\n
\n
Flexibility to digitally transform your way<\/h2>\n
\n
A cloud you can trust<\/h2>\n
Additional Resources<\/h2>\n