Chopra said he foresees, “great possibilities for services like Box, which already has mass consumer and enterprise adoption, to usher in much-needed innovative and cost-effective approaches for data sharing between providers, payers and patients.”
The adoption of cloud-based computer-storage and data-processing services has grown rapidly in other industries, but has advanced slowly in healthcare because of privacy and security concerns.
One barrier to clinical information management expansion has been the reluctance of some cloud-based service providers to accept the legal responsibilities attached to handling patient-identifiable medical records.
The Health Insurance Portability and Accountability Act of 1996, the key federal healthcare privacy and security law, was amended by the American Recovery and Reinvestment Act of 2009. It expanded direct liability for HIPAA privacy and security violations to “business associates” of hospitals, office-based physicians, health plans, claims clearinghouses and other so-called HIPAA “covered entities.” Potential liabilities include both civil and criminal penalties.
Founded in 2005, the privately held, Los Altos, Calif.,-based Box announced last April its intention to provide HIPAA-compliant services to healthcare providers. Since then, “sales in healthcare and life sciences have grown six-fold, with new customers like MD Anderson Cancer Center, St. Joseph Health, UnityPoint Health, Benaroya Research Institute at Virginia Mason (BRI) and Sinai Health System,” a Box statement said.
Follow Joseph Conn on Twitter: @MHJConn