Albatross HIPAA Compliant Hosting

Health Insurance Portability and Accountability Act (HIPAA) is one of the most important Healthcare compliance requirements for companies working with healthcare related data. This data is commonly referred to as Protected Health Information (PHI). Albatross has implemented rigorous controls to satisfy any organization looking to host on HIPAA compliant infrastructure.

HIPAA, requires the following general guidelines to be implemented by hosting providers:

1. Privacy Guidelines
2. Security Guidelines
3. Breach Guidelines

Please continue reading to learn more about how Albatross adheres to those guidelines.

Administrative Safeguards

Albatross seeks to implement policies and procedures to prevent, detect, contain and correct security violations by:

1. Identifying Relevant Information Systems such as EPHI
2. Implementation of Risk Management programs
3. Development of Sanction Policies on Albatross members
4. Regularly review logs and system activity.
5. Define assigned responsibility for security HIPAA standards by assigning a Albatross officer
6. Implementations of procedures for authorization and supervision
7. Albatross conducts training on HIPAA related guidelines and procedures
8. Put control to protect from malicious software
9. Development of Business Associate Agreements

Physical Safeguards Procedures

1. Implementation of facility access controls
2. Develop policies around workstation use
3. Implement workstation security controls
4. Enforce device and media controls

Technical Safeguards Procedures

1. Develop access controls
2. Develop audit controls
3. Develop person entity authentication
4. Enforce security during data transmission

More Resources

1. Albatross Security Overview
2. National Institute of Standards and Technology - Guide to Implementing the Health Insurance Portability and Accountability Act Security Rule.
3. FULL HIPAA PDF RESOURCE