Can Liquid Web Be Used by Healthcare Organizations Without Violating HIPAA Rules?

Can Liquid Web Be Used by Healthcare Organizations Without Violating HIPAA Rules?

Liquid Web is a hosting solution provider that has been in the business for 20 years. Is it a HIPAA compliant vendor of cloud services? Can healthcare organizations use Liquid Web to host applications and projects in connection with electronic protected health information (ePHI)?

The HIPAA Security Rule requires healthcare organizations to choose carefully the cloud hosting services they use in connection with sensitive health data of patients. The vendor must provide services that implement safeguards to keep the integrity, confidentiality and availability of ePHI.

Cloud hosting services are also classified as business associates because they get potential access to patient’s health data. Even if these providers claim that they don’t access patient data, they are still considered as business associates. Therefore, a business associates agreement (BAA) is necessary when HIPAA-covered entities and business associates enter into a partnership and share ePHI.

Liquid Web has long been trusted by many SMBs as provider of hosting solutions. In 2017, the company had an independent audit of its hosting services to check its compliance with the HIPAA rules and HITECH Act. There was no official HIPAA compliance certification issued, but the accounting firm UHY LLP certified that the company satisfactorily met the administrative, technical and physical safeguards requirement of HIPAA. Liquid Web also has been certified to pass the EU-US and Swiss-US Privacy Shield audits, SOC 1, 2, 3 attestations and PCI Service Provider recertification.

Liquid Web also signs BAAs with HIPAA covered entities that use its hosting services for applications, web content and protected health information. The BAA covers both single server and multiple server hosting services.

In summary, Liquid Web offers a HIPAA compliant hosting service to healthcare organizations because it implements privacy, audit and security controls required by HIPAA to ensure the security and availability of PHI. Liquid Web is also ready to sign a business associate agreement prior to the use of their hosting services by HIPAA covered entities.


Simple Guidelines
Immediate PDF Download

Immediate Access

Privacy Policy

About Liam Johnson
Liam Johnson has produced articles about HIPAA for several years. He has extensive experience in healthcare privacy and security. With a deep understanding of the complex legal and regulatory landscape surrounding patient data protection, Liam has dedicated his career to helping organizations navigate the intricacies of HIPAA compliance. Liam focusses on the challenges faced by healthcare providers, insurance companies, and business associates in complying with HIPAA regulations. Liam has been published in leading healthcare publications, including The HIPAA Journal. Liam was appointed Editor-in-Chief of The HIPAA Guide in 2023. Contact Liam via LinkedIn: