Is Your Data Center or Managed Services Provider HIPAA-Compliant?

By: Sagi Brody, CTO, Webair

In the world of Health Information Technology (HIT), privacy and security are twin cornerstones of serving patients and avoiding costly data breaches. According to the U.S. Department of Health and Human Services, healthcare data breaches passed the 100-incident milestone from January through May this year. The government agency reports that data breaches cost an estimated average of $3.5 million, while the total annual cost for the industry as a whole is estimated at $5.6 billion. Based on these and other reports, nor is the prognosis especially favorable. Redspin, a leading provider of penetration testing and IT security audits, finds that from 2009 to 2014, Health Insurance Portability and Accountability Act (HIPAA) data breaches climbed 138%, and last year alone nearly 9 million health records were breached.

As data breaches and cybercrime advance rapidly, taking every precaution to safeguard electronic Protected Health Information (ePHI) as well as patients’ rights and protections is critical. According to The Ponemon Institute, the annual economic impact of medical identity theft is nearly $31 billion, with patients filing an average of 1,500 HIPAA complaints per month thus far in 2015.

Under the HIPAA Final Omnibus Rule, business associates responsible for violating HIPAA privacy and security rules face up to $1.5 million in annual fines. Ensuring that data centers and managed services providers are HIPAA-compliant helps guarantee that sensitive electronic health information is well-protected. Healthcare organizations can avoid HIPAA violations by choosing a HIPAA-compliant managed infrastructure provider to ensure the adoption and expansion of healthcare IT solutions is safe, secure and reliable. With 83% of healthcare organizations presently using cloud-based apps, and projected to invest $12.6B in cloud computing by 2020, the need for dedicated and expert HIPAA compliant IT providers will only increase.

Webair, which has experienced zero HIPAA-related incidents, offers HIPAA-compliant, fully managed services, including Colocation, Bare Metal Servers, Public, Private and Hybrid Cloud, Cloud  Storage and IP Transit. Compliant with more than three data center and service certifications, including SSAE16 SOC 1 TYPE II, PCI DSS, and HIPPA Matrix, the Company undergoes annual data privacy and security audits performed and evaluated by an independent, third-party auditor. Moreover, 100% of customers’ HIPAA infrastructure is reviewed by a dedicated and experienced HIPAA compliance specialist.

To learn more about HIPAA compliance and protecting sensitive electronic health information, check out our latest infographic by clicking here.


For more information about Webair’s fully managed HIPAA-compliant healthcare solutions, please visit