How should you store your practice’s PHI?

With breaches quadrupling in 2016, many practices and hospitals are at a loss as to how to store their protected health information (PHI).

We can help your practice stay on top of the latest healthcare news, rules, regulations and trends.  Subscribe to stay current and up to date on important matters that will impact your practice.  (To subscribe to our blog ).

Some providers and hospitals have moved their PHI overseas with offshore vendors.

Unfortunately, if a breach occurs, the Office of Civil Rights has stated that they will not pursue foreign companies. This means, that all the risk is on the HIPAA-covered entity.

This problem becomes bigger when providers use stateside business associates – who then use offshore vendors.

What should a provider do?

Make sure that your business associate agreements are very clear that you will not allow your data to be stored offshore and you do not allow business associates to use offshore resources.

Find out if any of your vendors do offshore data. If they do, find out what policies they have in place to protect themselves and your practice.

We recommend that our clients encrypt all of their PHI.

Encryption is an essential tool and should be worked into part of your practice’s HIPAA risk assessment.

If you choose to allow your PHI to be stored off-shore, make sure to have adequate contractual protections in place – and make sure to enforce them.

No matter where you choose to store your practice’s PHI, make sure to have adequate business associate agreements in place, proper policies and procedures, and regular trainings regarding privacy and security.

In our next blog post, we will keep you informed of related issues.  To get this important information delivered directly to your mail box, 

Do you need help staying current and compliant with the latest laws, rules and regulations?  We can help. To contact us about your new government rules and regulations, your practice’s risk assessment, or about your other legal needs:  CLICK HERE.

P.S. If you or your patients are interested in consumer healthcare issues, check out

Related Posts


Recent Posts

Do I Need an Emergency List?
March 23, 2023
Breaking: New Self-Disclosure Policy
March 21, 2023
What is a Power of Attorney?
March 16, 2023
Can Your EHR Template Land You in Prison?
March 14, 2023
What Happens When You Don’t Fund Your Trust?
March 9, 2023


Enter your email to subscribe now and receive your FREE HIPAA Risk Assessment book!

An essential tool for all healthcare providers, Easy Guide to HIPAA Risk Assessments breaks down the requirements of HIPAA so you can successfully complete your required risk assessment.


Get it now for FREE (an $8.99 value!)

One more step! Please check your email to confirm your subscription and receive your FREE book!