HIPAA AUDITING IN CLOUD COMPUTING ENVIROMENT

The rise of cloud computing has been driven by the benefits, the cheapest purveyor of application hosting, storage, infrastructure, huge cost savings with low initial investment, elasticity and scalability, ease of adoption, operational efficiency, on-demand resources. With all the security and Privacy Laws in the Health Care field today anyone that works with confidential information should know how to protect that information. The Health Insurance Portability and Accountability Act (HIPAA) privacy and security regulations are two crucial provisions in the protection of healthcare data. Governance, compliance and auditing are becoming as important pedagogical subjects as long established financial auditing and financial control. Designing sound IT governance, compliance, and auditing is a challenging task. This Thesis elaborates the concept of HIPAA compliance in cloud computing by taking a look at the history and dynamics and how Cloud computing changes the astir of certain parts of HIPAA Security requirements. We briefly describe the cyber warfare as a premise to enforce the reasons for complying with government regulations for information systems. The purpose of this Thesis is to explain the importance of HIPAA and research what it takes for Healthcare data to be HIPAA Compliant. Also, explaining what is expected of Healthcare industries if there is an audit and how does HIPAA Auditing play a big part in HIPAA compliance. The Cloud is a platform where all users not only store their data but also used the services and software provided by Cloud Service Provider (CSP). As we know the service provided by the cloud is very economical due to which the user pay only for what he used. This is a platform where data owner remotely store their data in the cloud to enjoy the high quality services and applications. The user can access the data, store the data and use the data. In a Corporate world there are large number of client who accessing their data and modifying a data. To manage this data we use third party auditor (TPA), that will check the reliability of data but it increases the data integrity risk of data owner. Since TPA not only read the data but also he can modify the data, therefore a novel approach should be provided who solved this problem. We first examine the problem and new potential security scheme used to solve this problem. Our algorithm encrypt the content of file at user level which ensure the data owner and client that there data are intact.