To maintain compliance with HIPAA, you need safeguards in these control areas:
Person or entity authentication
Since 2001, the Health Insurance Portability and Accountability Act (HIPAA) has governed the use and disclosure of individually identifiable Protected Health Information (PHI). All healthcare providers and any of their contractors who electronically transmit PHI are subject to the requirements of this rule. With our platform, you can be sure your electronic storage and transmission of PHI data remains HIPAA compliant.
Leave the heavy lifting to us. Our platform enables you to meet or exceed the standards of the major regulatory frameworks like HIPAA, keeping your data safe and enabling your organization’s compliance.
Access ControlUnique User IdentificationAssign each of your users a unique name or number to identify and track their identity through logs and actions. Our platform makes this a breeze with plans for unlimited users so you’re not worried about per-user costs as your organization grows.
Access ControlEmergency Access Procedure
Rest easy knowing that all of your data is backed up daily to an off-site geolocation. Emergencies won’t stand in your way when you need to obtain electronic protected health information.
Access ControlAutomatic LogoffYou can relax when it comes to idle connections. All inactive sessions are automatically terminated within a maximum of 15 minutes to minimize the possibility of unauthorized access.
Access ControlEncryption and DecryptionTake advantage of both at-rest and in-transit encryption to ensure maximum security for your data. Your users can also use their own encryption, like PGP, on files before sharing them.
Audit ControlsDetailed Activity Logs
Oversee the ongoing history of all your site’s activity in minute detail with comprehensive activity logs that are neatly stowed away in files that don’t count against your storage quota.
Data IntegrityChecksum Verification
Detect data corruption errors before they become issues. SFTP protocol provides checksum verification to automatically check your data integrity so you can be sure of its accuracy and consistency.
Person or Entity AuthenticationMultiple Authentication Options
Verify your users with either a password or an SSH key, or get the added protection of multi-factor (OTP) authentication and IP address restrictions when you opt for our Performance or Enterprise plans.
Transmission SecurityIntegrity Controls
Ensure that all electronic protected health information in your care is protected by either SSL (TLS 1.2) or SSH2 encryption to prevent it from being improperly modified before disposal.
Stay HIPAA-compliant with a bundle of configurable features like:
SSO integration for identity management
Immutable file and admin logs
Data encryption at-rest and in-transit
Virus and malware scanning
Multi-factor authentication for all users
Folder level permissions and file retention controls
User level permissions for secure file sharing
Compliance with HIPAA has never been more crucial for companies handling PHI. Not only do its rigorous requirements help protect sensitive data, but your organization could face major non-compliance consequences like heavy fines or even jail time if it doesn’t abide by HIPAA regulations. That’s why our BAA is custom-crafted by some of the same attorneys who wrote the regulations.
Take the guesswork out of HIPAA compliance by entrusting the job to the experts in secure file sharing.
Building and maintaining a HIPAA-compliant platform for storing and sharing files is complicated, but our HIPAA-compliant file sharing meets all categories of security: physical, technical, and administrative.
HIPAA requirements that cover physical safeguards, as well as infrastructure security and administration requirements, are all met by our datacenter partners' SSAE 18 (SOC 2 Type II) certification
The extensive technical safeguards required by HIPAA include access controls for administrators, tight controls over user authentication, data encryption at rest, and more — all of which are provided on our platform.
Administrative safeguards include the policies, procedures, and actions implemented by us and our Cloud Service Providers to support managing and maintaining HIPAA-protected information on our platform
See Our Platform In Action
You don’t have to take our word for it. We’ve been leading the charge in secure online file sharing since HIPAA took effect, and we’d love to show you how we do it. Schedule your demo today.