Healthcare providers are looking to cloud computing to safeguard PHI, demonstrate Meaningful Use, and safely enable widespread staff use of mobile devices while complying with the newest HIPAA updates. This is particularly challenging given the added constraints of tighter budgets, smaller staffs, and greater stakeholder demands. Some providers hesitate to move HIPAA-centric applications and workloads to the cloud. They see HIPAA compliance as a moving target that never settles in one place long enough to generate confidence. All too often, that’s the wrong strategy. This whitepaper outlines a five step process for achieving HIPAA compliance and protecting PHI in the cloud amidst the challenges that all providers face.