![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(22.400000000000002, 64%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EV%3C/text%3E%3C/svg%3E)
Azure Health Data Services
An Azure offering that provides a suite of purpose-built technologies for protected health information in the cloud.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(89.60000000000001, 77%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESP%3C/text%3E%3C/svg%3E)
Thank you for getting in touch! It sounds like you're looking for guidance on ensuring HIPAA compliance for your new healthcare customer while using Azure services. Here’s what you can consider:
Microsoft’s Resources: Microsoft provides several tools to help ensure HIPAA compliance:
Microsoft Purview Compliance Manager: This tool helps assess your organization’s compliance posture and provides templates specifically for HIPAA. You can find it here.
Business Associate Agreement: Having this in place with Microsoft is a strong step towards compliance, but remember that it doesn’t automatically guarantee compliance for your own processes. You’ll need to implement adequate compliance programs internally. More details can be found here.
Technical Safeguards: Make sure you're addressing the technical safeguards outlined by HIPAA. This includes access controls, audit controls, integrity controls, authentication procedures, and transmission security. You can find detailed guidance on this here.
Continuous Assessment: Regularly assess your compliance status. The Service Trust Portal provides access to audit reports that can help you gauge Microsoft’s cloud services against your own compliance needs. You can find that portal here.
Implementation Guidance: For detailed implementation steps, check out the HIPAA/HITECH Act guidance on Azure services, which provides concrete actionable steps tailored for compliance.
Consult Experts: It might also be beneficial to have internal compliance experts or legal advisors help you navigate these requirements since compliance can be complex and context-dependent.
Hope this helps get you started!
