HIPAA Compliance

Discussion in 'Pre-sales questions' started by NoThisIsPatrick, Feb 11, 2018.

  1. Hey Guys,

    This may be a stupid question but I'm having difficulty finding an answer. I'm creating a site that will need to use patient data, and I need to know if I can use WinHost for my SQL Database and host the web portal that will interact with it while (most importantly) staying HIPAA compliant. Is this something that WinHost is suitable for, or do I need to look elsewhere?

    I've used WinHost before for web applications and database hosting and it's always worked really well, but in this case a lack of HIPAA compliance would be a deal breaker (for obvious reasons).
     
  2. curtis (Winhost Staff)

    From my understanding, your data needs to be in a private environment to be HIPAA compliant and all our hosting services are shared. If you want to be HIPAA compliant, no host in our price range will be appropriate. You'll need a private cloud, dedicated server, private SQL database type of services.
     
  3. Thank you so much!
     
  4. @curtis is correct. Unfortunately WinHost does not offer certified HIPAA compliant hosting, HITECH audit certification, etc. -- required to manage your patient data.

    However there are third party hosts that can create and manage this environment for you. There are lists of vetted HIPAA Compliant Hosting Providers if you are operating under compliance restrictions to cover your ePHI data. Hope this helps!

    (WinHost does offer SiteLock PCI Scanning for $300/year with SiteLock Security Scanning Plans, if you require that.)
     
