moshegorin wrote on Wednesday, August 06, 2014:
Hi I have researched HIPAA compliant web hosting for several weeks and I would like to share my results with the community.
Based on my research Google Cloud seems to be the best in terms of price, hardware and flexibility. Runner up is LuxSci.com
- Google Cloud - Google Compute, Storage and Cloud SQL are HIPAA compliant without any changes necessary. They will sign BAA for no extra cost. It looks possible to run openEMR on Google Compute/Storage/SQL (but NOT on Google App Engine because this is NOT HIPAA compliant). Pricing is flexible and it looks like openEMR for a small practice running 24/7 would be around $50 to $100 per month with backups.
Pros: Flexible pricing, no extra HIPAA fees, Google brand name
Cons: Only 1 data center right now (in midwest); It’s a huge company so don’t expect to get much personal attention/support
- LuxSci.com - They rent space on Rackspace and other networks to create HIPAA compliant infrastructure and you can host openEMR for only $15/month.
Pros: Very cheap for entry-level plan, small company with support
Cons: Dedicated servers are expensive, $100 to sign BAA
- Amazon Web Services - they charge $1,500/month minimum for a HIPAA compliant setup plus all regular fees (for EC2, S3 etc.)
Pros: Lots of data centers around the world
Cons: $1,500/month minimum for HIPAA infrastructure
- Other Providers - All of these are small providers that offer HIPAA compliant dedicated servers for $100/month and up.
Pros: Small companies so good support
Cons: Can be expensive & require long-term complex contracts, hardware is not as flexible as Google/Amazon
Please share your comments and experiences, thank you.