My _guess_ is that either could easily run into compliance concerns.
Then again, wholesale countrytapping is now the norm, so there is
precedence...
--
G
RalphWSiegler wrote:
> would the datastore of the GAE be HIPAA compliant as to privacy and
> security of information.
>
> We (my client's IT
greetings! you asked a question that's common but very dependent on
your implementation. App Engine has no specific compliance features,
so it's all up to your implementation. the first thing you need to do
is to separate the patient information and their medical data. if
they're together, then it'
Hi Wesley, really was asking if data stored with google was secure
from access by google employees or third party or other applications
for casual browsing, data mining, etc. Could as well ask if GEA is
safe place to store credit card numbers.
We know HIPAA requirements, not a problem for us.
The data is not completely secure. Amazon, too, says "to ensure data
security ... files containing PHI should be encrypted using
technologies such as 256 bit AES algorithms"
Creating HIPAA-compliant Medical Data Applications with AWS:
http://awsmedia.s3.amazonaws.com/AWS_HIPAA_Whitepaper_Final.pdf
Thanks for reply Wesley.
We still would find GEA very useful for general medical procedural and
diagnostic information of encyclopedic nature
best regards,
Ralph
On Jan 25, 6:38 pm, "Wesley C (Google)" wrote:
> greetings again everyone,
>
> App Engine is currently not HIPAA- nor SAS 70-complia
Now that appengine supports sas70
http://googleappengine.blogspot.com/2011/08/google-app-engine-receives-sas70-and.html
and
http://code.google.com/appengine/updated_terms.html
states clearly "Customer acknowledges that the Service is not HIPAA
compliant and Customer is solely responsible for
ngine@googlegroups.com
[mailto:google-appengine@googlegroups.com] On Behalf Of Tyler Tallman
Sent: Monday, November 28, 2011 8:58 AM
To: google-appengine@googlegroups.com
Subject: Re: [google-appengine] Re: medical records, hipaa compliance
Now that appengine supports sas70
greetings again everyone,
App Engine is currently not HIPAA- nor SAS 70-compliant, so highly
sensitive data (HIPAA/PHI data, SSNs, CC numbers, etc.) should not be
stored on App Engine. it is not a good match for that type of data at
this point in time unless, as the previous poster pointed out, th