HIPAA Compliant Architecture

5 pts.
Tags:
HIPAA
Microsoft Access database
Hi,

I am developing a Medical Billing Software and should be HIPAA complaint. My current architecture is using seperate database for each tenant. But I need to change it to a Multi tenant architecture. So Is there any problem for HIPAA with Multi tenant architecture ?
Is it possible to get any Document/Proof related to this topic ?

Any help will be highly appreciable,

Thank You.

Answer Wiki

Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Discuss This Question: 2  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Kevin Beaver
    I've seen plenty of applications/databases hosting protected health information (PHI) running in a multi-tenant environment. It starts with well-written code. There are numerous other access/authentication/encryption-type controls you can build in to ensure businesses and people can't see each other's stuff. Just make sure you test it during and after development. I've seen SQL injection in multi-tenant applications with some user roles and not others. I hope this helps!
    17,200 pointsBadges:
    report
  • Kevin Beaver
    One other thing: I wouldn't commit to any application being "HIPAA compliant". It can be secure - especially when confirmed via third-party validation - but saying it's compliant or will make your customers compliant is a slippery slope. HIPAA compliance doesn't come in a box. It's a strategy and a set of tactics and processes that every covered entity, business associate, and subcontractor must integrate into their business.
    17,200 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following