How should you store your practice’s PHI?

With breaches quadrupling in 2016, many practices and hospitals are at a loss as to how to store their protected health information (PHI).

We can help your practice stay on top of the latest healthcare news, rules, regulations and trends.  Subscribe to stay current and up to date on important matters that will impact your practice.  (To subscribe to our blog ).

Some providers and hospitals have moved their PHI overseas with offshore vendors.

Unfortunately, if a breach occurs, the Office of Civil Rights has stated that they will not pursue foreign companies. This means, that all the risk is on the HIPAA-covered entity.

This problem becomes bigger when providers use stateside business associates – who then use offshore vendors.

What should a provider do?

Make sure that your business associate agreements are very clear that you will not allow your data to be stored offshore and you do not allow business associates to use offshore resources.

Find out if any of your vendors do offshore data. If they do, find out what policies they have in place to protect themselves and your practice.

We recommend that our clients encrypt all of their PHI.

Encryption is an essential tool and should be worked into part of your practice’s HIPAA risk assessment.

If you choose to allow your PHI to be stored off-shore, make sure to have adequate contractual protections in place – and make sure to enforce them.

No matter where you choose to store your practice’s PHI, make sure to have adequate business associate agreements in place, proper policies and procedures, and regular trainings regarding privacy and security.

In our next blog post, we will keep you informed of related issues.  To get this important information delivered directly to your mail box, 

Do you need help staying current and compliant with the latest laws, rules and regulations?  We can help. To contact us about your new government rules and regulations, your practice’s risk assessment, or about your other legal needs:  CLICK HERE.

P.S. If you or your patients are interested in consumer healthcare issues, check out

Related Posts


Recent Posts

Getting Remarried? Here’s What You Need to Know
March 21, 2024
What is the Biggest Threat to Healthcare?
January 30, 2024
How Can I Simplify Estate Planning?
January 11, 2024
I Have a Trust. Now What?
December 7, 2023
Breaking: Corewell Health Breach
December 5, 2023


Subscribe to Our Newsletter

Subscribe and get your FREE copy of Easy Guide to HIPAA Risk Assessments

An essential tool for all healthcare providers, Easy Guide to HIPAA Risk Assessments breaks down the requirements of HIPAA so you can successfully complete your required risk assessment. (an $8.99 value)

Thank you for subscribing to the Rickard & Associates healthcare blog. You'll receive a confirmation email shortly. After verifying your subscription request, you'll be sent to the "Easy Guide to HIPAA Risk Assessments" download page.