The U.S. Health Insurance Portability and Accountability Act covers the storing and processing of protected health information (PHI and e-PHI). Companies and individuals falling under HIPAA must implement a set of technical, administrative and physical controls which are designed to secure this protected health information.
Bluemix IaaS/SoftLayer’s HIPAA-ready cloud platform is available to covered entities and business associates to support their HIPAA workloads. Clients should also be aware that Bluemix IaaS/SoftLayer regularly performs assessments of the HIPAA ready controls which apply to Bluemix IaaS/SoftLayer, in order to test their effectiveness. In accordance with HIPAA, Bluemix IaaS/SoftLayer offers a standard Business Associate Agreement* to its clients who intend to place HIPAA workload in Bluemix IaaS/SoftLayer cloud.
* Please note that Bluemix IaaS/SoftLayer’s managed services or public (multi-tenant) virtual hosting services are not designed to be HIPAA ready and so not proper repositories of PHI.