MCS has chosen Microsoft as our email and cloud services partner. Microsoft has a long history of working with and protecting sensitive enterprise data and complies with many security standards across a wide variety of industries. For this reason we have chose Microsoft’s Office 365 SaaS offering as our HIPAA compliant email and cloud storage solution.
This new email system will provide enhanced security protecting patient privacy that was only recently available to enterprise customer. We are also excited that this brings HIPAA compliant forms to our website which will allow us to more quickly and securely serve patients.
The Microsoft platform goes beyond HIPAA and meeting a wide variety of industry security compliance regulations:
- HIPAA/HITECH - Microsoft offers Health Insurance Portability & Accountability Act Business Associate Agreements (BAAs).
- FERPA - Microsoft aligns with the requirements of the US Family Educational Rights and Privacy Act.
- HITRUST - Azure is certified to the Health Information Trust Alliance Common Security Framework.
- MARS-E - Microsoft complies with the US Minimum Acceptable Risk Standards for Exchanges (MARS-E).
- NEN 7510:2011 - Organizations in the Netherlands must demonstrate control over patient health data in accordance with the NEN 7510 standard.
- NHS IG Toolkit - Azure is certified to the Health Information Trust Alliance Common Security Framework.
- ISO/IEC 27001 - Microsoft is certified for its implementation of these information security management standards.
- ISO/IEC 27018 - Microsoft was the first cloud provider to adhere to this code of practice for cloud privacy.
- EUMC - Microsoft offers EU Standard Contractual Clauses, guarantees for transfers of personal data.
Microsoft’s services are compliant with too many regulations to list here. For a full list of Microsoft’s compliance offerings click here.