HIPAA Compliance for Healthcare Workloads on IBM Spectrum Scale

An IBM Redpaper publication

Published 16 March 2020

cover image

ISBN-10: 0738458600
ISBN-13: 9780738458601
IBM Form #: REDP-5591-00
(12 pages)

More options

Rate and comment

Authors: Sandeep R. Patil, Sandeep Zende

Abstract

When technology workloads process healthcare data, it is important to understand Health Insurance Portability and Accountability Act (HIPAA) compliance and what it means for the technology infrastructure in general and storage in particular. HIPAA is US legislation that was signed into law in 1996.

HIPAA was enacted to protect health insurance coverage, but was later extended to ensure protection and privacy of electronic health records and transactions. In simple terms, it was instituted to modernize the exchange of healthcare information and how the Personally Identifiable Information (PII) that is maintained by the healthcare and healthcare-related industries are safeguarded.

From a technology perspective, one of the core requirements of HIPAA is the protection of Electronic Protected Health Information (ePHIPer through physical, technical, and administrative defenses. From a non-compliance perspective, the Health Information Technology for Economic and Clinical Health Act (HITECH) added protections to HIPAA and increased penalties $100 USD - $50,000 USD per violation. Today, HIPAA-compliant solutions are a norm in the healthcare industry worldwide.

This IBM® Redpaper publication describes HIPPA compliance requirements for storage and how security enhanced software-defined storage is designed to help meet those requirements. We correlate how Software Defined IBM Spectrum® Scale security features address the safeguards that are specified by the HIPAA Security Rule.

Table of contents

HIPAA compliance and storage
Security enhanced software-defined storage
IBM Spectrum Scale
HIPAA security rules and IBM Spectrum Scale security
Conclusion

Follow IBM Redbooks

Follow IBM Redbooks