Healthcare organizations have massive regulatory obligation and liability risk when using cloud services to store, or process protected health information (PHI) or building web-based applications that handle PHI, and therefore are subject to the strictest security requirements.