Rackspace is conscious that by making its services available to healthcare groups, the company is classified as a HIPAA business associate and must agree to adhere with the HIPAA Privacy and Security Rules.
Rackspace has obtained HITRUST and HITRUST CSF certifications which indicate that the company meets the data and privacy security standards required by HIPAA for managed public, private, and hybrid cloud environments. The company uses extended SSL encryption and complies with PCR DSS data security requirements.
The company provides help to healthcare firma to help them use its services and adhere with HIPAA Rules and develop an approach that satisfies HIPAA Rules and meets their business requirements.
Rackspace will also complete a business associate agreement for its dedicated hosting services, which is incorporated by default for customers in the healthcare sector.
Rackspace & HIPAA Compliance
Rackspace is willing to complete a business associate agreement with healthcare groups and has implemented all the necessary safeguards to ensure that its hosting services can be used by healthcare groups without violating HIPAA Rules.
Rackspace can therefore be thought of as HIPAA complaint hosting company, provided customers use its dedicated hosting services and complete a business associate agreement prior to using its hosting services in connection with any PHI.
However, it is the responsibility of all users to ensure that the hosting services are set up properly. Rackspace cannot ascertain whether its customers are using its services in a manner that adheres with HIPAA Rules.
Covered groups must take full responsibility for ensuring the requirements of HIPAA ar in place and appropriate safeguards are kept.