As a Health Information Trust Alliance (HITRUST™) Common Security Framework (CSF) certified hosting provider, Rackspace helps healthcare organizations host and scale HIPAA workloads to the cloud, strengthen cyber defenses, and adhere to regulatory mandates.
Protected Health Information (PHI)
Electronic Health Records (EHR)
Audit fatigue and related costs
HIPAA workloads to the cloud
Our dedicated hosting environment is certified to meet some of the highest security standards and privacy requirements of the healthcare industry.
Our platform is built on one of the most widely adopted security framework to help health insurance companies, medical providers, pharmaceutical, biotechnology and healthcare SaaS providers meet compliance standards.
Our HIPAA Business Associate Agreements and our HITRUST CSF certification can help you adhere to requirements from regulatory mandates.
The good thing about Rackspace was that they were able to focus on the cloud lifecycle. They were very smart about how to roll out these capabilities to each business unit.
Vijay Thumma
Director of Cloud Services
Discover how our HITRUST CSF certification can help you keep your IT infrastructure compliant and move workloads to the cloud with this architectural deep dive.
Most healthcare organizations, including health insurance companies, hospitals, medical practices and SaaS providers require a HITRUST CSF certified infrastructure.
Learn more by downloading the example reference architecture mentioned in the video.
The HITRUST CSF provides specific controls and a governance structure to help apply HIPAA guidelines. It can also help your healthcare organization adhere to applicable requirements from other regulatory mandates.
Our dedicated hosting environment has been validated against all 333 HITRUST requirements — across 19 different security categories— to provide comprehensive IT protection for sensitive information.
| Consideration |  |  |  |  |  |  |
|---|---|---|---|---|---|---|
| Comprehensive - General Security | Partial | |||||
| Risk-Based (rather than compliance-based) | Partial | Partial | ||||
| Supported and Maintained | ||||||
| Audit or Assessment Guidelines | ||||||
| Certifiable | ||||||
| Open and Transparent Update Process | ||||||
| Consistency and Accuracy (in assessment/evaluation) | Partial | Partial | Partial | |||
| Support for Third-Party Assurance | ||||||
| Prescriptive | Partial | Partial | ||||
| Assess Once and Report Many | Partial | Partial | ||||
| Vetted by Healthcare and Industry Experts | * | * | ||||
| Practical and Scalable | ||||||
| Comprehensive - Regulatory, Statutory and Business Requirements |
Partial Offering
*ISO 27799 and NIST 800-66 both subject to comment period prior to release