On October 7, 2016, the U.S. Department of Health and Human Services Office for Civil Rights (“OCR”) published guidance (“Guidance”) on how cloud services providers (“CSPs”) and covered entities using cloud computing solutions can comply with the privacy, security, and breach notification rules of the Health Insurance Portability and Accountability Act (“HIPAA”). Over the last … Continue Reading