Although, trusting a cloud based electronic health records system with sensitive health data can seem a little unnerving, investigation by industry experts and regulatory agencies that credential EHR systems against Center for Medicare and Medicaid Services (CMS). The same data security requirements are in place whether the data and application are housed on premise or in a virtual cloud based server. According to Gerard Nussbaum, director of technology services at management consultancy Kurt Salmon Associates at the American Health Information Management Association (AHIMA) Legal EHR Summit in Chicago earlier this month, HIPAA privacy and security rules do not specify whether a provider using a cloud-based EHR owns data in the medical records or if the information belongs to the service host as posted in Physicians Practice online publication. One of the points that has been expressed, is that data house in cloud is more likely to be encrypted than on-site systems and therefore m