I'm looking into developing Health Care related apps on Microsoft Azure; however, I've been told that SQL Server Azure is not HIPAA compliant. Now, I heard that Azure Web Development and Virtual Machines are HIPAA Compliant. Question, are local databases on Azure Virtual Machines HIPAA compliant (i.e. SQL Server Compact, MySQL, etc...)? I know this is a vague question, but Azure seems like a great development platform to work with. Thanks
It's not that Virtual Machines are HIPAA-compliant; rather a BAA can be offered for apps using Virtual Machines. The app itself would still need to pass whatever compliance.
If you look at the Azure Trust Center, you'll see details of HIPAA BAA, along with a link to Azure HIPAA Implementation Guidance.
I'm not a lawyer and cannot counsel you on the fine details of HIPAA and your app. However, I read through the compliance guide and it only calls out Windows Azure SQL as not in scope. For Virtual Machines, the responsibility falls on you to deal with certain things. From the doc:
Customers are responsible for their environment once the service has been provisioned, including their applications, data content, virtual machines, access credentials, and compliance with regulatory requirements applicable to their particular industry and locale.