skip to Main Content


Are you worried about HIPAA compliance? Good. If healthcare behemoths can’t lock down their data, there’s a good chance your organization’s data is in danger as well. Like them, you could probably do better — but you’re not entirely to blame, either.

Some cloud vendors have been benefiting from HIPAA compliance panic, and selling the medical profession a bill of goods. They advertise “HIPAA compliant hosting” and similar services deceptively, knowing many organizations are looking for an easy out. The truth is, no one can make your organization HIPAA compliant but you. The right partner, however, can make it a lot easier.

Compliant Hosting is Necessary, But Not Sufficient

When companies offer HIPAA compliant cloud services, they usually mean that their products don’t break HIPAA; their internal processes are secure enough to host HIPAA data — assuming you put all the other pieces into place.

HIPAA cloud compliance requires a range of security tools, including encryption, multi-factor authentication and DLP. It also requires that the rest of your organization is secure. Without onsite access control, technology policies, breach notification procedures and other measures, cloud compliance only does so much.

A company could offer “HIPAA compliant hosting” and really provide nothing but barebones hosting with reasonable internal security. Without the internal expertise to implement your own security and compliance strategy, you’d be no safer than before.

How Symmetry Helps Our Partners Achieve HIPAA Compliance

Symmetry goes far beyond HIPAA compliant hosting to offer a complete security and compliance solution. Our data centers are independently certified to ISO/IEC 27001 and SSAE16 compliance standards, offering internal security that goes above and beyond what HIPAA requires. We encrypt our servers by default, and operate a 24-hour monitoring and incident response service that can detect hackers before they gain access to PHI and other protected data.

We’re also fantastic engineers, offering superior IT consulting services. We can build a system from the ground up to secure your cloud data. But cloud compliance isn’t enough. Our Security as a Service team can audit your organization’s administrative, physical and technical safeguards, building ironclad security in the workplace and the cloud.

HIPAA Compliant Hosting that Means Something

Piecemeal security solutions always have gaps. When companies employ separate cloud hosting, facilities control and software providers, someone is bound to miss something. By combining managed hostingmanaged security services and Compliance as a Service, Symmetry can make sure your entire HIPAA strategy works together.

We’ll be able to handle everything from designing your IT infrastructure, to making sure your staff are following HIPAA guidelines. That means you’ll spend less time worrying about HIPAA cloud compliance, and more time providing great top-notch medical services. Contact us to learn more about how we can keep your organization HIPAA compliant.


Scott Goolik - VP, Compliance and Security Services

Scott Goolik - VP, Compliance and Security Services

Scott Goolik is VP of Compliance and Security Services at Symmetry. A recognized expert in the field of SAP security and compliance, Scott has over 20 years of expertise in SAP security and is a regular presenter at SAP industry tradeshows and ASUG events. His experience includes working for one of the Big Four accounting firms and developing auditing tools, including those for segregation of duties (SOD). Scott is also responsible for architecting the ControlPanelGRC® solution which provides audit automation and acceleration of security and control processes.