Liquid Web and HIPAA Compliance

by | Mar 23, 2018

Healthcare groups seeking a hosting solution may identify Liquid Web as a possible vendor, but is Liquid Web HIPAA compliant?

Can its cloud management services be used by HIPAA-covered bodies for hosting applications and projects that include electronic protected health data?

Any healthcare group that wishes to use the cloud to host applications that use the protected health information (PHI) of patients must choose a vendor whose service includes security measures to ensure the confidentiality, integrity, and availability of ePHI that meet the requirements of the HIPAA Security Rule.

Cloud service suppliers, including hosting firms, are classified as business associates since they possibly have access to their clients’ information. While many cloud service providers believe they do not access customers’ data, they are still classified as business associates. HIPAA-covered bodies and their business associates must therefore complete a business associate agreement with the service supplier before any ePHI is uploaded to the cloud.

Liquid Web has been supplying hosting solutions to SMBs for 20 years. In 2017, the company completed an independent audit of its hosting services to assess compliance with HIPAA/HITECH rules. While there is no official HIPAA compliance certification, the accounting company UHY LLP did certify that the company has put in place appropriate administrative, physical, and technical security measures to satisfy HIPAA Rules. Liquid Web has also passed EU- US and Swiss-US Privacy Shield audits, SOC 1, 2, 3 attestations, and PCI Service Provider recertification.

Liquid Web is willing to complete business associate agreements with HIPAA covered bodies that require hosting services for web content and applications that include PHI. The BAA incorporates its single server and multiple server hosting facilities.

The privacy and security controls adapted by Liquid Web allow HIPAA covered bodies to ensure their data is secure and always accessible. Liquid Web can be a HIPAA compliant hosting service, provided access, security, and audit security measures are set properly and a signed business associate agreement is completed beforeto use of the hosting services in relation to any ePHI.

Raise the level of HIPAA Awareness in your organization with Learner-Friendly, Comprehensive and Affordable HIPAA Training.


Please enable JavaScript in your browser to complete this form.

Patrick Kennedy

Patrick Kennedy is a highly accomplished journalist and editor with nearly two decades of experience in the field. With expertise in writing and editing content, Patrick has made significant contributions to various publications and organizations. Over the course of his career, Patrick has successfully managed teams of writers, overseeing the production of high-quality content and ensuring its adherence to professional standards. His exceptional leadership skills, combined with his deep understanding of journalistic principles, have allowed him to create cohesive and engaging narratives that resonate with readers. A notable area of specialization for Patrick lies in compliance, particularly in relation to HIPAA (Health Insurance Portability and Accountability Act). He has authored numerous articles delving into the complexities of compliance and its implications for various industries. Patrick's comprehensive understanding of HIPAA regulations has positioned him as a go-to expert, sought after for his insights and expertise in this field. Patrick's bachelors degree is from the University of Limerick and his master's degree in journalism is from Dublin City University. You can contact Patrick through his LinkedIn profile:

Raise the level of HIPAA Awareness in your organization with Learner-Friendly, Comprehensive and Affordable HIPAA Training.

Comprehensive HIPAA Training

Used in 1000+ Healthcare Organizations and 100+ Universities

    Full Course - Immediate Access

    Privacy Policy