HIPAA compliant architecture
I am developing medical billing software that should be HIPAA compliant. Currently I have designed the application as one database per tenant, but I need to change that architecture to use a multi-tenant database. Is there any problem with HIPAA when using a multi-tenant database? If not, is it possible to get any valid document/proof describing the architecture's compliance?
Any help will be highly appreciated.
I am no expert on HIPAA; however, you can create local usernames in one tenant database that only have rights to that database, which should help with the HIPAA requirements. To me this is not really a database question, it's a HIPAA question. You need to define how you keep people from one tenant database from seeing anything in a different tenant database. Also focus on granting privileges based on the least amount of privileges needed to access the application.
this space intentionally left blank
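
One way to apply the per-database user and least-privilege advice from the answer above, as an added example that is not part of the original thread. It assumes PostgreSQL with one database per tenant; the database, role, schema and table names are hypothetical.

```sql
-- Added example. Assumption: PostgreSQL, one database per tenant.
-- tenant_a_db, tenant_b_db, tenant_a_app and billing.claims are hypothetical names.

-- 1. A login role used only by tenant A's application, with no admin attributes.
CREATE ROLE tenant_a_app LOGIN PASSWORD 'REPLACE_WITH_GENERATED_SECRET'
    NOSUPERUSER NOCREATEDB NOCREATEROLE;

-- 2. PostgreSQL grants CONNECT on every database to PUBLIC by default, so any
--    login role can open any tenant's database. Remove that, then grant
--    CONNECT only on the tenant's own database.
REVOKE CONNECT ON DATABASE tenant_a_db FROM PUBLIC;
REVOKE CONNECT ON DATABASE tenant_b_db FROM PUBLIC;
GRANT  CONNECT ON DATABASE tenant_a_db TO tenant_a_app;

-- 3. Run while connected to tenant_a_db: grant only what the application
--    needs (no DELETE, no DDL, no access to other schemas).
REVOKE ALL ON SCHEMA public FROM PUBLIC;
GRANT USAGE ON SCHEMA billing TO tenant_a_app;
GRANT SELECT, INSERT, UPDATE ON billing.claims TO tenant_a_app;

-- 4. Audit check: which non-superuser login roles can connect to which
--    databases. Each tenant role should appear next to exactly one tenant
--    database; any extra row is a cross-tenant access path to remove.
SELECT r.rolname, d.datname
FROM pg_roles r
CROSS JOIN pg_database d
WHERE r.rolcanlogin
  AND NOT r.rolsuper
  AND NOT d.datistemplate
  AND has_database_privilege(r.rolname, d.datname, 'CONNECT')
ORDER BY r.rolname, d.datname;

-- 5. Audit check, run inside tenant_a_db: the exact table privileges the
--    tenant role holds, to compare against what the application needs.
SELECT table_schema, table_name, privilege_type
FROM information_schema.role_table_grants
WHERE grantee = 'tenant_a_app'
ORDER BY table_schema, table_name, privilege_type;
```

The output of the two audit queries can be kept as evidence of how tenant separation is enforced at the database level.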