Security Isn’t a Blanket, It’s a SOC

Healthcare providers – whether in-patient, ambulatory or ACO – are increasingly adopting SaaS (software-as-a-service) models because it frees up capital, requires less up-front spending, and shifts routine “break-fix” work off their IT people and onto the software vendor. But SaaS isn’t the only acronym bounced around when vendors meet healthcare providers – HIPAA is sure to be at or near the top of the jargon list, typically linked to words like “compliant” or “certified.” The only problem is there’s no such thing as HIPAA-certified software – and being “compliant” doesn’t mean you’re “secure” any more than posting a no-soliciting sign …