Creating HIPAA-Compliant Medical Data Applications with Amazon Web Services. Presented by Tulika Srivastava, Purdue University.

Presentation transcript:


What is a HIPAA requirement?
The Health Insurance Portability and Accountability Act (HIPAA) is a set of established federal standards, implemented through a combination of administrative, physical and technical safeguards, intended to ensure the security and privacy of PHI. HIPAA covers protected health information (PHI), which is any information regarding an individual's physical or mental health, the provision of healthcare to them, or payment for related services.

HIPAA's Privacy & Security Rules
HIPAA's Privacy Rule requires that individuals' health information is properly protected by covered entities. The Privacy Rule prohibits entities from transmitting PHI over open networks or downloading it to public or remote computers without encryption. The Security Rule requires covered entities to put in place detailed administrative, physical and technical safeguards to protect electronic PHI. To do this, covered entities are required to implement access controls, encrypt data, and set up back-up and audit controls for electronic PHI in a manner commensurate with the associated risk.

AWS's Goal
Healthcare businesses subject to HIPAA can utilize the secure, scalable, low-cost IT infrastructure provided by Amazon Web Services (AWS) as part of building HIPAA-compliant applications. Amazon Elastic Compute Cloud (Amazon EC2) provides resizable compute capacity in the cloud. Amazon Simple Storage Service (Amazon S3) provides a virtually unlimited cloud-based data object store.

Methodology - Privacy Controls: Encrypting Data in the Cloud
Encrypting data in the cloud means encrypting all PHI in transmission (in-flight) and in storage (at-rest). During electronic transmission, files containing PHI should be encrypted using technologies such as 256 bit AES algorithms. Amazon EC2 provides the customer with full root access and administrative control over virtual servers. Using AWS, customers' system administrators can use token- or key-based authentication, a command-line shell interface, and Secure Shell (SSH) keys to access their virtual servers. When sending data to Amazon S3 for short-term or long-term storage, we should encrypt data before transmission. Amazon S3 can be accessed via Secure Socket Layer (SSL)-encrypted endpoints over the Internet and from within Amazon EC2. This ensures that PHI and other sensitive data remain highly secure.
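An added example (not part of the original slides) of encrypting a record on the client before it is sent to Amazon S3. The slides only say "256 bit AES"; the GCM mode, the third-party `cryptography` package, the blob layout and all function and object names here are assumptions.

```python
import os
from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

NONCE_LEN = 12  # 96-bit nonce, the size GCM is designed around
TAG_LEN = 16    # GCM authentication tag appended to the ciphertext

def encrypt_for_upload(key: bytes, object_key: str, plaintext: bytes) -> bytes:
    """Return nonce || ciphertext || tag, the bytes to store as the S3 object body."""
    if len(key) != 32:
        raise ValueError("AES-256 needs a 32-byte key")
    nonce = os.urandom(NONCE_LEN)  # must never repeat under the same key
    # The object name is bound as associated data, so a blob copied under a
    # different object name fails authentication when it is downloaded.
    sealed = AESGCM(key).encrypt(nonce, plaintext, object_key.encode())
    return nonce + sealed

def decrypt_after_download(key: bytes, object_key: str, blob: bytes) -> bytes:
    """Verify and decrypt; raises InvalidTag if the blob or its name was altered."""
    nonce, sealed = blob[:NONCE_LEN], blob[NONCE_LEN:]
    return AESGCM(key).decrypt(nonce, sealed, object_key.encode())

def is_authentic(key: bytes, object_key: str, blob: bytes) -> bool:
    """True only if the blob decrypts and authenticates under this key and name."""
    try:
        decrypt_after_download(key, object_key, blob)
        return True
    except InvalidTag:
        return False

# Constructed sample record and object name (not real patient data).
SAMPLE_NAME = "records/TEST-0001.json.enc"
SAMPLE_RECORD = b'{"patient_id": "TEST-0001", "note": "constructed sample"}'

if __name__ == "__main__":
    key = AESGCM.generate_key(bit_length=256)  # keep this key outside S3
    blob = encrypt_for_upload(key, SAMPLE_NAME, SAMPLE_RECORD)
    print(len(blob), "bytes ready for upload over the HTTPS endpoint")
    print(decrypt_after_download(key, SAMPLE_NAME, blob) == SAMPLE_RECORD)
```

Only the returned blob leaves the machine; the key has to be stored and backed up separately, or the object cannot be recovered.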

Security Controls: High-Level Data Protection
For Amazon EC2, AWS employees do not look at customer data, do not have access to customer EC2 instances, and cannot log into the guest operating system. AWS internal security controls limit data access. In the few cases of customer-requested maintenance, select AWS employees use their individual, cryptographically strong SSH keys to gain access to the host (as opposed to the guest) operating system, and this access requires two-factor authentication.

Access Control Processes
Using Amazon EC2, SSH network protocols can be used to authenticate remote users or computers through public-key cryptography. The administrator can also allow or block access at the account or instance level and can set security groups, which restrict network access from instances not residing in that same group. In Amazon S3, the system administrator maintains full control over who has access to the data at all times, and the default setting only permits authenticated access to the creator. Read, write and delete permissions are controlled by an Access Control List (ACL) associated with each object.
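An added example (not from the original slides) that audits the two S3 controls described above: an ACL that has drifted from the creator-only default, and TLS-only access. The dictionaries follow the shape of S3 ACL and bucket-policy documents; enforcing TLS through a bucket-policy Deny on `aws:SecureTransport` is an assumption beyond the slides, and the owner IDs and bucket name are constructed.

```python
# Group URIs that S3 ACLs use for grantees that are not one specific account.
PUBLIC_GROUPS = {
    "http://acs.amazonaws.com/groups/global/AllUsers": "anyone on the Internet",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers": "any AWS account",
}

def audit_acl(acl: dict) -> list:
    """Flag every grant that goes beyond the object's creator (the S3 default)."""
    owner, findings = acl["Owner"]["ID"], []
    for grant in acl.get("Grants", []):
        grantee, perm = grant["Grantee"], grant["Permission"]
        if grantee.get("Type") == "Group" and grantee.get("URI") in PUBLIC_GROUPS:
            findings.append(f"PUBLIC {perm} granted to {PUBLIC_GROUPS[grantee['URI']]}")
        elif grantee.get("ID") != owner:
            who = grantee.get("ID") or grantee.get("URI")
            findings.append(f"NON-OWNER {perm} granted to {who}")
    return findings

def enforces_tls(policy: dict) -> bool:
    """True if a Deny statement for all principals rejects non-TLS requests.
    Simplification: does not check that Action/Resource cover the whole bucket."""
    statements = policy.get("Statement", [])
    if isinstance(statements, dict):  # a single statement may appear unwrapped
        statements = [statements]
    for st in statements:
        cond = st.get("Condition", {}).get("Bool", {})
        if (st.get("Effect") == "Deny" and st.get("Principal") in ("*", {"AWS": "*"})
                and str(cond.get("aws:SecureTransport", "")).lower() == "false"):
            return True
    return False

# Constructed sample documents.
OWNER = "owner-canonical-id-constructed"
ACL_DEFAULT = {"Owner": {"ID": OWNER}, "Grants": [
    {"Grantee": {"Type": "CanonicalUser", "ID": OWNER}, "Permission": "FULL_CONTROL"}]}
ACL_LEAKY = {"Owner": {"ID": OWNER}, "Grants": ACL_DEFAULT["Grants"] + [
    {"Grantee": {"Type": "Group",
                 "URI": "http://acs.amazonaws.com/groups/global/AllUsers"},
     "Permission": "READ"},
    {"Grantee": {"Type": "CanonicalUser", "ID": "other-account-constructed"},
     "Permission": "WRITE"}]}
POLICY_TLS = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Deny", "Principal": "*", "Action": "s3:*",
    "Resource": ["arn:aws:s3:::example-phi-bucket", "arn:aws:s3:::example-phi-bucket/*"],
    "Condition": {"Bool": {"aws:SecureTransport": "false"}}}]}

if __name__ == "__main__":
    print("\n".join(audit_acl(ACL_LEAKY)) or "ACL is creator-only")
    print("TLS enforced:", enforces_tls(POLICY_TLS))
```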

Auditing, Back-Ups, & Disaster Recovery
Using Amazon EC2, customers can run activity log files and audits down to the packet layer on their virtual servers. Customers' administrators can back up the log files into Amazon S3 for long-term, reliable storage. To implement a data back-up plan on AWS, Amazon Elastic Block Store (EBS) offers persistent storage for Amazon EC2 virtual server instances. By loading a file or image into Amazon S3, multiple redundant copies are automatically created and stored in separate data centers, which provides a solution for data storage and automated back-ups.

Conclusion
Amazon Web Services (AWS) provides a reliable, scalable, and inexpensive computing platform in the cloud that can be used to facilitate healthcare customers' HIPAA-compliant applications. Amazon EC2 offers a flexible computing environment with root access to virtual machines and the ability to scale computing resources up or down depending on demand. Amazon S3 offers a simple, reliable storage infrastructure for data, images, and back-ups. These services change the way organizations deploy, manage, and access computing resources by utilizing simple API calls and pay-as-you-use pricing.