Microsoft Imbeds HIPAA Compliance in Office 365 Platform

Microsoft Imbeds HIPAA Compliance in Office 365 Platform
Posted: Dec 23, 2011
Seeking to allay providers’ privacy concerns and spur communication, Microsoft this week announced that its cloud productivity service, Microsoft Office 365, will comport with information security standards for customers in the U.S. and Europe.

As part of its contractual commitment to customers, officials say, Microsoft will comply with the Health Insurance Portability and Accountability Act (HIPAA) in the U.S. Officials say that with the new capabilities for Office 365 – which includes Exchange, SharePoint, Lync and Office – health organizations can more confifently implement technologies for communication tools such as IM, paging, video conferencing and document sharing, accessing information from any secure device.

“The economic advantages of cloud-based productivity solutions to drive down operational costs and complexity are well understood, but for most health organizations, HIPAA security and privacy concerns have been a show-stopping barrier to realizing the full anywhere, anytime productivity potential of cloud-based technologies,” wrote Dennis Schmuland MD, Microsoft’s chief health strategy officer for U.S. health & life sciences, in a blog post.

“Communication and collaboration is the lifeblood of the health industry and Office 365 makes it easier for people and teams to be efficient and productive anytime and anywhere,” he added. “By embedding HIPAA privacy and security capabilities in Office 365, Microsoft is enabling health organizations to confidently empower their staff to communicate and collaborate anytime, anywhere and substantially lower their IT operating costs.”

As the first major cloud-based productivity service to obtain certification under ISO/IEC 27001, a rigorous information security management benchmark, Microsoft submits to a yearly audit of its information security policy by an independent expert and shares the results with its customers, officials say. Additionally, the firm has developed its online services to provide physical, administrative and technical safeguards that facilitate full compliance with HIPAA requirements.

Source: Healthcare IT News
Share this entry