HIPAA Security and Cloud Backup

We can help you comply with the HIPAA Security and Privacy Rules

The Health Insurance Portability and Accountability Act (HIPAA) sets the standard
for protecting sensitive patient data. Any company that stores protected health
information must ensure that all of the required physical, network, and process
security measures are in place and followed. As a provider of HIPAA-compliant
backup services that safeguard protected health information, we ensure that your
data is protected in a way that complies with HIPAA regulations.

We incorporate a combination of technical, administrative, and physical controls
to safeguard personal information consistent with the industry standards and laws
that are applicable to our customers.

We ensure that the requirements in the HIPAA Security Rule—including those for
encryption, password restrictions, and data storage—are in place.

Encryption

• Encryption key: We require you to set up a corporate encryption key (c-key) or
personal encryption key, which is known only by you.
• Encryption of data during backup: During the backup process, all files are first
secured with a personal 256-bit AES encryption key and then transferred to our
data center via a secure SSL connection.
• Encryption of data at rest: HIPAA requires that personal health information be
encrypted while at rest. Your backed-up data remains encrypted while stored at
rest in our data center.

Offsite backup

• Physical security: Our data centers are protected by gated perimeter access,
24x7x365 onsite staffed security and technicians, electronic card key access, and
strategically placed security cameras inside and outside the building.
• Remote/offsite backup: Our service provides an automated remote or offsite
backup and is a key component in any disaster recovery plan as protection against
hardware failure, theft, virus attack, deletion, and natural disaster.
• U.S. data centers only: As required by HIPAA, we send all data from a
HIPAA-compliant account to, and store it in, our U.S. data centers only.

Other items

• Logical access: Backed-up data may be accessed via the
password-protected, web-based administrative console by
supplying a valid encryption key.
• Written contingency plan: The HIPAA Security Rule
requires that covered entities have a written contingency
plan for responding to system emergencies, including a
detailed plan concerning the data backup and recovery
process in the event of a disaster.

Note: There is no standard HIPAA certificate of compliance
for backup software and services. For more information
about HIPAA and HIPAA compliance, contact your legal
counsel or refer to the HIPAA section of the U.S. Department
of Health and Human Services’ website.