A very significant development that I’d missed. Last month, Google announced that they would sign HIPAA Business Associate Agreements (BAA) for Google Apps. This is a significant sign of maturation in the cloud, and was important competitively for Google, since Microsoft will do the same for Office 365. As the HIPAA Security Officer for UNCG (a Google-adopting school) this is potentially a very big thing. We, like many universities, are a HIPAA Hybrid Entity (parts of the institution are subject to HIPAA and parts are not). We have HIPAA responsibilities in some of our clinics as well as our Student Health area. I’ve not looked at the BAA so I can’t speak to the terms, but this is quite interesting.