HIPAA Research Computing Service
- Service Overview
- Eligibility & Costs
- Support, How-To’s & Info
HIPAA research computing environments meet the information security requirements mandated in the Health Insurance Portability and Accountability Act. These environments are available to UA researchers when contracts, awards, or data use agreements that require HIPAA security and privacy protection requirements. The environments are built in Amazon Web Services Gov Cloud.
Services available include:
- Project consulting and startup services
- Configuration, deployment, and management of compute and storage systems
Contact the Controlled and Regulated Research Program team at firstname.lastname@example.org
UA research faculty who are working with HIPAA compliant data. The PI (principal investigator) can request the addition of members of their team approved by the IRB to access the project.
UITS has created a direct charge model for the cost of a HIPAA compliant environment. AWS charges for the time a system is up and running. Each environment will contain a bastion or terminal host (authentication and protection front end) and at least one compute host (device hosting analysis software with access to research data). AWS offers a wide variety of compute host types, configurations, and storage options as well as several different costing models. The cost will be determined by these variables. These will be direct AWS charges (no overhead or markup included) and will be billed to your provided KFS account. All environments will be supported by UITS. A cost estimate based on your project needs can be requested at email@example.com. For additional information, visit our Controlled and Regulated Research Direct Charge Model Confluence page.
There are three (3) required trainings before access can be granted.
- HIPAA Essentials: https://rgw.arizona.edu/compliance/hipaa-privacy-program/hipaa-training-...
- Insiders Threat Awareness Training: https://learning.uaccess.arizona.edu/psp/uazelprd/EMPLOYEE/ELM/c/LM_SS_L...
- University Information Security Awareness Training or Refresher: https://security.arizona.edu/node/313
The third Thursday of each month from 6:00pm-12:00am, there will be scheduled down time for approximately 6 hours. During this maintenance window, the HIPAA platforms will be inaccessible and all running processes will be stopped. All administrative operations around the platform will resume immediately after the maintenance window. This time will be used to patch, update, and improve overall service.
if you have questions or issues, please contact the CUI administration team at firstname.lastname@example.org.