HIPAA Hosting

drmichaeloffice wrote on Tuesday, September 01, 2015:

Is OpenEMR fully compliant with HIPAA?

Which Web host would you recommend for OpenEMR?

How much do you pay?

tmccormi wrote on Saturday, September 05, 2015:

OpenEMR is ONC Certified, which means it passes all the required security tests to be HIPAA compliant, IF and ONLY if it is installed and configured correctly. HIPAA compliance is more about your business practices than technical security things.

As to Hosting, there are very few HIPAA compliant hosting services. Most require going through a reseller or certified cloud vendor. There are several in the OpenEMR community, MI-Squared is one of them.

Generally:
Microsoft Azure Cloud will sign a BAA with vendors, maybe directly
IBM/BlueBox is working on it
Amazon will sign a BAA, but I am not sure if they require a vendor or if they will do it directly
FireHost is HIPAA compliant and expensive (in my opinion)

Costs vary by utilization and disk storage. I charge $300 - $600 per month depending on the size of the clinic and other options that are available.

–Tony