December 12, 2013 at 12:11 pm
I've been asked to investigate moving part or all data processing off premises, and acting on a tip from twitter, I encountered what I think may be a show stopper. While it seems that Office is covered by MS on the HIPAA BAA, if you read to scope section at the very bottom of this document:
http://www.windowsazure.com/en-us/support/trust-center/compliance/
it seems that SQL Azure is exempt from the HIPAA BAA, which I think makes it a non-starter for HIPAA sensitive applications.
Am i reading this wrong?
Does this mean that HIPAA sensitive data must be maintained on premises or is it acceptable buy hosted database services from Amazon or Rackspace et al but not on SQL Azure?
Thanks for your help, as I am in the dark!
December 18, 2013 at 12:35 pm
Windows Azure services have been expanding their compliance initiatives over the years, but I believe your interpretation is correct that WASD is not currently included in the HIPAA BAA.
Keep an eye on that compliance statement page to ensure that you have the most up to date information.
Karen
December 18, 2013 at 12:43 pm
Thank you so much for your confirmation, even though I wouldn't call it good news
That said, I did get a real good laugh out of seeing you described as a rookie <g>.
Thanks again
drew
Viewing 3 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply