By Stephanie Musal • August 3, 2016

Proving HIPAA compliance

HIPAA stands for the Health Insurance Portability and Accountability Act. HIPAA is meant to 1) secure and protect personal health information and 2) enforce standards for electronic transactions in the healthcare space. One problem is that becoming HIPAA compliant is expensive. It is estimated to cost $114,000,000-$225,400,000. The opportunity cost of your time also has to be considered. Instead of focusing on your product or on your team, you will spend time on policies, procedures, audits, technology and training to make sure you are never violating any of the many HIPAA guidelines.

Because there are no “HIPAA police”, many people are tempted to build their apps without taking the steps needed to become HIPAA compliant, but if you are building an app that touches any kind of Personal Health Information (PHI), this would be a very costly mistake to make. There are three main paths you can take when seeking HIPAA compliance: Assessing yourself, Third-party audits, or Inheriting Proof.

  1. Assessing yourself: Assessing yourself is the easiest and least expensive option. However, you retain the risk of taking your own word for it, and you may end up paying more for a violation than you would have if you had used either of the other two options.
  2. Third-Party Audits: Third-party audits leave less question about how compliant you actually are. There are two steps to HIPAA audits. The first is a Gap Assessment. This step is meant for addressing any gaps you may have in your compliance before getting a full HIPAA audit. The Gap Assessment typically costs between $15,000-$20,000. The second step is a full HIPAA Audit. In this step, an auditor will come to make sure your technical setting, HIPAA training and BAAs are all completely compliant. The onsite auditor will usually cost $20,000-$25,000 and take a few days to complete.
  3. Inheriting Proof: CloudMine’s Connected Health Cloud was built to give the consumer more options to keep PHI safe. By utilizing our Connected Health Cloud you are able to develop innovative healthcare tech without having to hire a team of compliance experts and to prove and demonstrate compliance without having to do a full HIPAA audit.

We’ve already spent 1000s of hours on security and compliance and $100,000s on audits and security measures so that our customers can inherit our work and focus on what matters to them: their product.

