HIPAA Data Center Compliance Checklist

Do you know what to look for when evaluating HIPAA compliant data centers? AGILE is dedicated to providing you with a transparent process for evaluating our compliance efforts. To help you, we’ve created a handy HIPAA compliance checklist to ensure the data centers you’re considering are truly HIPAA compliant.

EHNAC Accreditation

The Electronic Healthcare Network Accreditation Commission (EHNAC) uses quantifiable criteria to evaluate an organization’s conformance to regulatory requirements and industry best practices. Because HHS does not certify organizations for HIPAA compliance, EHNAC is federally recognized as the standards development organization and accrediting body.

Business Associate Agreement (BAA)

A data center provider’s willingness to sign a BAA is a must. A BAA is a legally binding contract between your organization and a data center that ensures the data center meets the safeguards necessary to protect health information.

A BAA is a compliance requirement that also protects your business. A BAA ensures that your data center will implement the measures necessary to protect your business interests and your protected health information.

Administrative, Physical & Technical Safeguards

HIPAA data center compliance covers the application of administrative, physical, and technical safeguards required by HIPAA.

For easy-to-read tables of the evidence you should request from a data center, which it should be able to show its customers and auditors as proof of compliance, download a copy of our comprehensive e-book “HIPAA Compliance in the Cloud.”

Specific Questions

Here are the most essential questions to ask a data center when evaluating its HIPAA compliance measures.

  • Do they have documented policies and procedures? 
  • Have they carried out a risk assessment? 
  • Have they implemented risk control measures? 
  • Have they qualified their system to ensure it meets regulatory and technical requirements? 
  • Can they supply evidence of compliance with HIPAA security standards?
  • Do they have a full-time regulatory staff, as well as technical staff?

The AGILE Difference

AGILE can answer “yes” to all of the above questions, including EHNAC accreditation, signed BAAs, and the administrative, physical, and technical safeguards necessary to comply with HIPAA.

Our HIPAA compliant data centers are built specifically for regulatory compliance. Our team of professionals has years of experience helping regulated clients get the systems they need, as quickly and cost-effectively as possible. 

For more information about our HIPAA Compliant Data Centers, please contact us or call 855.495.0098.