More healthcare providers are migrating to the cloud to cut costs and increase security through measurable compliance, but many are having trouble deciding where to start. Fortunately, there are well respected industry leaders, such as Microsoft and Project Hosts, who have developed solutions for healthcare’s cloud computing needs. Project Hosts now offers Azure Security Envelopes for Healthcare companies and ISVs who need to ensure their cloud apps and workloads are fully compliant with regulatory standards at the software and data level. Cloud Service Providers (CSP)s, like Project Hosts are providing complete migration plans and Azure Managed Services, giving healthcare providers and ISVs a one-stop solution to their migration needs.
Azure Security Envelope
The Azure Security Envelope enables Healthcare providers to move their on-premises apps and workloads into the cloud with full HIPAA/HITRUST CSF compliance, quickly, cleanly and affordably. This is achieved through Project Hosts’ Complete Migration Process, Managed Security Services, and Compliance Documentation and Management.
The HIPAA/HITRUST Azure Security Envelope offers a complete, ready-to-run environment that includes:
Azure Security Services – A turnkey Azure environment that ensures that any Windows or Linux apps deployed are fully compliant with ISO 27001, HIPAA and HITRUST security standards at the software (SaaS) level. Elements of this include: HIPAA Compliance and HITRUST CSF Security certification, Azure Applications and Access Management Services, Azure Performance Management Services, and Documentation and Compliance Management.
Backup and Archiving Services – Leverage Azure services and third party tools to provide archiving for Office 365 email – a necessity for security and eDiscovery requirements.
Disaster Recovery Services – Advanced Disaster Recovery for on-premises solutions that support the recovery of secured data and applications when an customer on-premises outage happens at their primary datacenter.
Compliance Management Tools / Services – For healthcare providers managing their own Azure subscriptions, the ISMScloud.com provides a secure, online application to help manage and document the process of gaining your HIPAA/HITRUST compliance.
Azure Security Management
Project Hosts’ Azure Security Management services include implementing and managing the following:
HIPAA Security Controls (as defined by NIST 800-66)
HiTRUST Security Controls (as defined by HiTRUST CSF-certification)
Azure subnets with their NSG “firewall” access controls
An Active Directory Domain to manage servers and group policy
Web Application Proxy (WAP) servers as the controlled front door to the Deployment
McAfee Host Intrusion Prevention System (HIPS) on every server, and EndPoint Protection centrally managed by ePolicy Orchestrator