HIPAA Compliant Web Hosting

Hosting HIPAA compliant applications requires specific administrative, physical, and technical safeguards not provided by most web hosting companies. What makes a webhost or cloud solution HIPAA compliant?

Read Our Latest Whitepaper – Managing HIPAA in AWS   Download Whitepaper

Selecting A HIPAA Hosting Provider


Selecting a HIPAA compliant service provider is only one part of the compliance process. Organizations must perform an annual risk assessment, as well as create and review administrative policies for safeguarding protected health information (PHI), limiting environment access, and managing emergency plans and procedures. HIPAA compliance requires consistent planning and review.

Requirements For HIPAA Compliant Hosting


Public cloud providers such as Amazon Web Services (AWS) operate on a shared responsibility model, that defines responsibilities for both the cloud service and the organization. For using a solution in a HIPAA compliant manner, your organization must:

Sign Cloud BAA

Sign a Business Associate Agreement (BAA) with the cloud platform/infrastructure provider.

Set Administrative Policies

Define administrative policies and employee training to meet HIPAA administrative requirements.

Implement Technical Controls

Manage user authentication, audit logging, and to meet HIPAA technical requirements.

Unlock Healthcare In The Cloud

Learn how Dash automates HIPAA compliance in the public cloud.


Tour The Compliance Automation Platform