
HIPAA
The Health Insurance Portability and Accountability Act (HIPAA), Security Standards for the Protection of Electronic Protected Health Information (HIPAA Security Rule), and the Notification in the Case of Breach of Unsecured Protected Health Information (HITECH Breach Notification Requirements) were enacted as a part of the American Recovery and Reinvestment Act of 2009 for the security and privacy of Protected Health Information (PHI) in the United States.
Our data centers in Vint Hill (Virginia) and Hillsboro (Oregon) are HIPAA- and HITECH-compliant.
OVHcloud US IT systems, production systems and teams operate as a completely separate entity from all other OVHcloud operations. This means that OVHcloud data centers outside of the US are not subject to the CLOUD Act.


We are here to help you get started. You may schedule a free consultation with an OVHcloud advisor to discuss an architecture that best suits your business needs.

The scope of the Type 1 HIPAA attestation is the OVHcloud Services and US Data Centers:
Services:
US Data Centers:
- Vint Hill, Virginia (East Coast)
- Hillsboro, Oregon (West Coast)
Additional services
Certifications and reports
Our customers can request access to our certifications and reports. They may also obtain documents relating to our certifications under certain conditions.
US customers utilizing OVHcloud international Data Centers should contact their sales representative for Health Data Hosting (HDS) for European Healthcare compliance.