The Cloud Report

Blog archive

Box Reaches HIPAA Compliance

Box today said organizations can now securely store health care information in its popular cloud-based document storage and sharing service, now that it complies with the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health (HITECH) Act.

As a result, Box's service is considered a trusted platform for personal health information stored in its service, company officials told me. The move comes as Box is looking to extend its foothold in a number of business and public sector industries. To that end, the company is targeting the health care industry.

Whitney Bouck, general manager of Box's enterprise business, said the company's service is well-suited for health care providers to share information with other practitioners, patients and insurance providers. Now that Box is certified as HIPAA- and HITECH-compliant, that means it's willing to sign Business Associate Agreements (BAAs).

"This will trump our health care growth to another whole level," Bouck said.

On the surface, HIPAA compliance primarily may appeal to companies in the health care industry, but it should also be of interest to many other companies and individuals who handle health care or insurance information.

Over the past year, Box's business from companies in the health care industry has grown 81 percent, Bouck said. In addition to announcing HIPAA and HITECH compliance, Box said it has signed on 10 new partners that offer solutions in the area of clinical documentation, clinical care, interoperability and access to care.

Through its partnership with Doximity, Box is offering providers 50 GB of free storage per year in a move to get them started.

Box isn't the only major cloud provider to announce support for HIPAA. Microsoft today said it has updated its existing HIPAA BAAs to coincide with the new regulatory language in the final omnibus HIPAA regulation. That includes various definitions and new data protections such as reporting rules tied to the HIPAA Breach Notification Rule. Microsoft said health care marketplace Allscripts is one of the first to implement the new BAA. 

Posted by Jeffrey Schwartz on 04/25/2013 at 12:48 PM


Subscribe on YouTube