Is Rackspace HIPAA Compliant?

Rackspace is a cloud computing company based in Windcrest, Texas that provides public cloud and email hosting services. Many companies use the firms hosting services, but how about HIPAA-covered entities? Can Rackspace hosting be used without breaking HIPAA Rules? Does Rackspace support HIPAA compliance and is Rackspace willing to sign a business associate agreement (BAA) with HIPAA covered entities?

Rackspace has acquired HITRUST and HITRUST CSF certifications which show that the company satisfies the data and privacy security standards required by HIPAA for managed private, public and hybrid clouds. The company utilizes extended SSL encryption and complies with PCR DSS data security specifications.

Rackspace knows that by letting healthcare institutions to use its products and services, the company is classified as a HIPAA business associate and is required to sign an business associate agreement. Rackspace has prepared a BAA covering its dedicated hosting solutions. The BAA is included, by default, for all healthcare organizations using its dedicated hosting solutions

Because Rackspace is prepared to enter into a BAA with healthcare providers and has put in place all the required safety measures on its hosting services to be sure that healthcare providers can use them without breaking HIPAA Rules, Rackspace can consequently be regarded as a HIPAA complaint hosting firm.

Nevertheless, it is the responsibility of users to make certain that the hosting services have been correctly configured. Rackspace is unable to ascertain whether its consumers are using its hosting solutions in a way that is in accordance with HIPAA Rules and cannot guarantee that all requirements of HIPAA are satisfied and appropriate safeguards are in place. That said, Rackspace offers technical support to healthcare organizations that wish to use its services to help them use its services in a HIPAA compliant manner.

About Liam Johnson
Liam Johnson has produced articles about HIPAA for several years. He has extensive experience in healthcare privacy and security. With a deep understanding of the complex legal and regulatory landscape surrounding patient data protection, Liam has dedicated his career to helping organizations navigate the intricacies of HIPAA compliance. Liam focusses on the challenges faced by healthcare providers, insurance companies, and business associates in complying with HIPAA regulations. Liam has been published in leading healthcare publications, including The HIPAA Journal. Liam was appointed Editor-in-Chief of The HIPAA Guide in 2023. Contact Liam via LinkedIn: