Unfortunately, HIPAA-compliant security is expensive to provide
On our end of the equation, it costs about 4X as much to provide the type of infrastructure that is required for HIPAA compliance. If you've done comparison shopping for the various cloud storage providers, you have probably noticed that when companies have both regular and HIPAA-compliant (i.e., they will sign a business associate agreement) storage products, the HIPAA-compliant storage products are often 4-5X as expensive as the basic non-HIPAA-compliant option. This is an industry-wide phenomenon and is due to a number of factors.
In terms of driving cost, efficiency is the most important factor. Many tech companies provide users with a tremendous amout of storage, much of it for free or at a very low cost. This is because hosting companies provide storage and software solutions that share computing resources in the most efficient way possible. Everyone's data are managed by collective and shared servers. Most of the time you only pay for the cloud when you need it. It is incredibly efficient, there is very little waste, and the savings are passed on to the users.
HIPAA-compliant storage, on the other hand, can't benefit from those same economies of scale or on-demand wholesale pricing. Furthermore, you don't want your sensitive data to be administered by computing resources that are shared by others. In fact, without appropriate access controls that might even be illegal. In order to maintain compliance with US federal law, we have to forego the public cloud and all of its pricing advantages. We need our own infrastructure, reserved for us exclusively. At Insight Notes we use the robust security infrastructure of one of the world's largest data hosting companies, but we pay for our own segregated server with strict access controls, including firewalls, monitoring, security, backup, liability coverage, etc. For us it just costs more - a lot more. When you add all these things up it turns out to cost quite a bit. So much, in fact, that it's impossible to give away.