Quickbooks Hosting Solutions aren't all the same. And if you're in the healthcare industry, you have an added layer of complexity surrounding your data protection: HIPAA Compliance. Today, Intuit doesn't doesn't meet HIPAA privacy standards, nor will they sign a BAA.
So, what options do healthcare companies who are subject to HIPAA compliance have when bringing Quickbooks to the Cloud?
Many cloud/hosting providers have some security in place to make the application technically compliant. But if they aren’t willing to sign a Business Associate Agreement (BAA) for you, then caveat emptor (Let the buyer beware!).
Ask these three critical questions before you buy:
- Has the cloud/hosting provider had their yearly HIPAA audit? — Be sure that the provider has undergone the required yearly data center and infrastructure audits complying with the current HIPAA standards. These audits will help ensure that the provider you choose is dedicated to privacy and is indeed HIPAA Compliant. If they have, they should be able to show you.
- Will they sign and/or provide a BAA? — Be sure that the Cloud Storage Provider’s contract includes a Business Associate Agreement. A written contract should include everything in this sample agreement.
- Do I trust this Cloud Partner? — When choosing the Cloud Partner that is right for you, trust is crucial. If you don’t trust the provider, how can you be confident that they are taking care of all of your sensitive data? Do your homework, ask the right questions, and trust your gut.
Virtual Systems Hosted QuickBooks is HIPAA compliant
Virtual Systems hosting solutions for QuickBooks — our QB Virtual Desktop — is proudly HIPAA compliant.
Our servers are located in highly-protected data centers, secured with monitored alarm systems, card access, and state-of-the-art temperature and humidity controls. We never share network traffic. All client data is transmitted in its own secure virtual network.
Our technical product architecture and security protocols are audited annually. And our staff is specially trained to identify and resolve potentially non-compliant issues.
But it's one thing to be compliant... and it's another thing to prove compliance. Don't take our word for it, here's what our 3rd party auditors had to say:
The Audit & Assessment finds the overall safety and soundness of the Virtual System’s IT infrastructure to be intact:
- Executives and management have adopted and implemented adequate policies and procedures;
- Executives, management, staff, and vendors properly identify, measure, monitor, and control existing and potential risks;
- Management, staff and vendors have sufficient expertise to adequately plan, direct, and control operations; controls and safeguards for NPI, PHI, CI, and organization information and assets have been adequately implemented;
- The organization conducts appropriate notification following a breach of unsecured NPI, PHI, and CI; and,
- The organization is in substantial compliance with applicable industry standards and federal oversight rules and regulations.
If you’re considering moving your QuickBooks to the cloud, don’t leave yourself exposed. Virtual Systems will gladly sign/provide a BAA and our auditing assessments proving our HIPAA compliance for your Quickbooks data.