Box touts it's now HIPAA-compliant for hosting personal health records

Box touts it's now HIPAA-compliant for hosting personal health records

Summary: The growing enterprise cloud storage company is aiming to expand its horizons and customer base with a portfolio of new apps built on the Box platform.

SHARE:
zdnet-box-healthcare-partners

Box has been busy building up its community of partners as it preps for a potential IPO next year, and the latest step is a move to open up the customer base to the healthcare industry.

The Los Altos, Calif.-based company is formally announcing that it is both HIPAA and HITECH-compliant and now signing business associate agreements with clients.

This means that Box’s cloud-based services are compliant with the Department of Health and Human Services' publication of the Omnibus Final Rule in January 2013, which position the platform as a service for securely hosting personal health information and record files.

Julie O'Brien, industry marketing director at Box, explained via telephone on Monday that outlined the technology challenges facing hospitals and large medical groups, from a privacy perspective around HIPAA for protecting information to dealing with outdated (and sometimes inoperable) IT infrastructures.

Pointing towards some of the technology shifts in healthcare happening slowly but surely, O’Brien remarked that "every quarter or two there’s someone publishing the use of iPads by physicians."

"Given they are so mobile, it’s just part of their job," O’Brien described. "They need to be able to access information quickly -- anywhere, anytime."

O’Brien also explained why many companies might be reluctant from signing business associate agreements, noting that HIPAA-compliancy requires an "extensive list" of policies and controls that includes (but is certainly not limited to) physical access from datacenters, encryption, employee training, a full audit trail of activities about the user and content itself.

zdnet-box-healthcare-hipaa

Box’s healthcare app ecosystem is starting off with 10 partners this week, which fall into four categories that O’Brien said are divided up based on some of the most pressing pain points in the healthcare industry.

Those categories consist of clinical documentation, care coordination, interoperability, and access to care.

Using these apps, some of the potential use cases include setting up secure cloud folders where a patient’s medical records can be saved and creating a space for collaborating on a patient’s diagnosis.

O’Brien stipulated that Box doesn’t "differentiate" its security services for whatever content might be stored in these folders, whether they are X-rays, hospital protocols, or documentation for continuing medical education. All of it is treated equally.

The platform apps for healthcare are available now on the Box Apps Marketplace.

Screenshots via Box

Topics: Cloud, Enterprise Software, Health, Storage, Start-Ups, Enterprise 2.0

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

1 comment
Log in or register to join the discussion
  • All kinds of Data?

    I want it to store my health records, copies of doctor notes, my DNA profile should I get one, my family ancestry mapped from said DNA, and the ability to email only specific information to some company so they can analyze it.

    Having employees with restricted access to customer data is still a big problem. They should have NO ACCESS. They should only be working with dummy customers in order to receive training and troubleshooting. If someone dies and cannot access their account, that information should be made available to family, or else deleted to where the records stored by their doctor are the only way to access records.
    Vapur9