February 8, 2018
February 8, 2018

Describe the steps necessary to select an appropriate cloud provider that will provide access to an EHR and host data storage for a small provider practice.



Criteria for Choosing Cloud Service Provider

He should consider the following criteria when selecting the cloud service provider. He should identify the number of cloud service providers and rate them in terms of their performance and compliance. This forms the initial selection process where one has a list of service providers to choose from. Identify the cloud provider who you can trust, as the information to be stored, is confidential and should be reliable as well. Address the technical aspect of the cloud service provider, does the service provider has the capability to handle the data, features of his/her system, are they up to the task (Voorsluys et al. 2011). Finally, address the security and cost issues, Dr. Taylor should consider security paramount in preference cost. As security really matter and remains a major challenge with regard to the use of systems but at considerable costs.

Identify the security and privacy controls that the selected cloud provider must be able to implement to comply with the HITECH Act criteria.

The hired cloud provider should meet the following security and privacy control to meet the HITECH demands. The cloud service provider should implement the access control security mechanism to secure the data. The mechanism defines who accesses the system and the privileges & rights he/she have over the system (Zissis & Lekkas, 2012). the cloud provider should also limit who accesses which part of the system accessible to each partner to ensure privacy and security for each of the partner using the access control technique.

Explain the roles and responsibilities of the cloud provider and the healthcare providers in ensuring that the HITECH Act security and privacy regulations are met.

The cloud service provider and the health care provider have the following roles & responsibilities with regard to HITECH to ensure privacy and security as to per regulations. The Healthcare providers are responsible for upholding the privacy of the clients by implementing whichever mechanism to safeguard the same. They should not share any information regarding the patient with non-concerned individuals (Armbrust et al. 2010). The cloud service provider is responsible for securing data from unauthorized people from their systems and should not have directly connected with the real data to uphold privacy.


