Our new guide, Twistlock’s Guide to HIPAA Compliance for Containers, will help you to achieve compliance with the HIPAA Security Rule for containerized workloads. In health care, there is a class of sensitive data known as electronic personal health information, or ePHI. Any covered entity, business associate, or subcontractor that creates, receives, maintains, or transmits ePHI is subject to a piece of legislation known as the HIPAA Security Rule. The Security Rule requires you take the appropriate measures to safeguard ePHI. ePHI is tightly woven into the fabric of the typical health care app. Apps such as virtual doctor visits, glucose monitors, and billing systems are built around ePHI. It’s the ePHI itself — collecting it, storing it, analyzing it — and the exchange of it — between doctor and patient, provider and insurer, covered entity and business associate — that creates value, engages patients, and improves inefficiencies.
For organizations using containerized environments to handle ePHI, ensuring HIPAA compliance without sacrificing the benefits of microservices can be a challenge. Twistlock’s Guide to HIPAA Compliance for Containers outlines clear steps to design and operate a fully-compliant containerized environment.