HIPAA-Compliant Servers at CHPC

CHPC's cybersecurity professional Wayne Bradford, along with John Hurdle, Bernie LaSalle and Julio Facelli at BMI, has published a case study of the HIPAA-compliant environment at CHPC. The study shows 'how an HPC can be re-engineered to accommodate clinical data while retaining its utility in computationally intensive tasks such as data mining, machine learning, and statistics.' Access to CHPC's secured servers requires double authentication: first, users must have access to the CHPC virtual private network; and, second, users must be listed in the HPC network information service directory. Additional security is provided by housing the physical hardware in our data center that has controlled room access. All CHPC employees and the users of the secured servers are required to take the U's Health Insurance Portability and Accountability Act training. The HIPAA-compliant environment is put to good use. Wayne reports that 'in the first 3 years, researcher count has increased from 6 to 58.'

You can read his full case study here.