Microsoft updates Business Associate Agreement, keeps it cool with HIPAA

As Microsoft continues to push for more companies to use its cloud services such as Office 365, it sometimes has to make some changes in order for those services to be accessed by certain industries. Today, the company announced it has updated its Business Associate Agreement so that Office 365, Windows Azure and other cloud services can be used by U.S. healthcare companies.

Microsoft's press release states that the new Business Associate Agreement is now compatible with the security and privacy regulations in the U.S. Health Insurance Portability and Accountability Act; the new HIPAA rules went into effect on March 26th.

Dennis Schmuland, Microsoft's chief health strategy officer, stated:

Microsoft Office 365 is the only major cloud business productivity solution to programmatically offer a BAA built with the industry, and for the industry, to HIPAA-regulated customers, allowing healthcare organizations to be confident in the security and privacy of their patient data while empowering their staff to communicate and collaborate virtually anytime and almost anywhere.

One of the changes that Microsoft made to its agreement was that any of its cloud service subcontractors that are involved in handling health information are also covered by the same HIPAA privacy and security rules as Microsoft.

Source: Microsoft | Image via Microsoft

Report a problem with article
Previous Story

Apple slammed with fine over illegal copyright violation

Next Story

Xbox 360 sports-themed apps unlocked this weekend for all users


Commenting is disabled on this article.

I have Office 365 Home Premium, and I get sent an snail mail letter invoice each month for use of Office. I mean a paper letter in a paper envelope, each month. Are they nuts? Have they heard of email? All the trees they're killing? All the laughter?

They are meant to be a World technology leader. They sure have a funny way of demonstrating it. And I mean it. I'm gobsmacked.

Is there not an option to get it through e-mail? Or a way to unsubscribe from the paper mail? If not, then I too am a bit shocked and disappointed.

Not being funny but they've gone through and deleted skydrive content without informing people... I wouldn't rush to say this is the most trustable thing I've heard though consumer VS business solutions might differ.

I've always read that Skydrive should not be used for HIPAA info as Microsoft has access to the files. Has that changed with this new BAA, or was my previous information incorrect?