Medigy Logo The Healthcare IT Guy
Person name
Managing Editor
@ShahidNShah

law

A collection of 4  Posts

Evaluating and choosing healthcare cloud services providers

As healthcare moves from on-premise to cloud services, the evaluation and selection of “HIPAA compliant” cloud service providers becomes an import task. I don’t like the description “HIPAA compliant” because it’s imprecise and not meaningful. However, it’s something that many non-technical people look for when evaluating providers so I’m using it here. My friend Alex Ginzburg, VP of Technology at Intervention Insights, and I have done this kind of healthcare cloud services providers evaluation and selection many times so it was natural for me to reach out and ask him to provide some guidance for the community.

Shahid N. Shah

Encryption at rest and encryption in transit for HIPAA compliance are not easy questions to answer

Given the number of breaches we’ve seen this Summer at healthcare institutions, I’ve just spent a ton of time recently on several engineering engagements looking at “HIPAA compliant” encryption (HIPAA compliance is in quotes since it’s generally meaningless). Since I’ve heard a number of developers say “we’re HIPAA compliant because we encrypt our data” I wanted to take a moment to unbundle that statement and make sure we all understand what that means.

Shahid N. Shah

If Meaningful Use disappeared, how would EHR vendors change their products?

I’ve often said that Meaningful Use and the HITECH Act created false demand for EHRs and has (perhaps irrevocably) harmed innovation in the EHR space by standardizing features and function rather than outcomes and expectations. It’s a false demand because it concentrated too much on prescriptive, sometimes useless, and in many cases productivity-killing, functionality instead of focusing on what’s really needed — data interoperability and fostering innovation. John Halamka wrote something similar recently in his Advice to the new ONC chief (highlights in red below are mine, not John’s):

Shahid N. Shah

The causes of digital patient privacy loss in EHRs and other health IT systems

This past Friday I was invited by the Patient Privacy Rights (PPR) Foundation to lead a discussion about privacy and EHRs. The discussion, entitled “Fact vs. Fiction: Best Privacy Practices for EHRs in the Cloud,” addressed patient privacy concerns and potential solutions for doctors working with EHRs. While we are all somewhat disturbed by the slow erosion of privacy in all aspects of our digital lives, the rather rapid loss of patient privacy around health data is especially unnerving because healthcare is so near and dear to us all.

Shahid N. Shah

Medigy Innovation Network

Connecting innovation decision makers to authoritative information, institutions, people and insights.

Medigy Logo

The latest News, Insights & Events

Medigy accurately delivers healthcare and technology information, news and insight from around the world.

The best products, services & solutions

Medigy surfaces the world's best crowdsourced health tech offerings with social interactions and peer reviews.

© 2025 Netspective Media LLC. All Rights Reserved.

Built on Mar 12, 2025 at 5:07am