HIPAA Compliant File Sharing Service
For Healthcare Providers & Others Who Work With Protected Health Information
What Is HIPAA?
HIPAA stands for the Health Insurance Portability and Accountability Act. The basic premise of HIPAA is to:
1. Enable secure sharing, storage and transmission of Protected Health Information (PHI) by authorized persons and entities
2. Control and monitor the degree of disclosure and usage of PHI
3. Improve the effectiveness and efficiency of the US health care system.
Another act that needs to be taken into account is the Health Information Technology for Economic and Clinical Health Act (HITECH).
Who Must Be HIPAA Compliant?
HIPAA applies to Covered Entities and Business Associates.
Covered Entities include:
- Healthcare providers such as doctors, nurses, psychologists, dentists, chiropractors.
- Organizations that provide healthcare services such as hospitals, nursing homes, clinics, pharmacies.
- Health insurance companies.
- Clearing houses.
Business Associates are persons or entities that are not themselves Covered Entities but that provide services to Covered Entities, or perform activities that involve PHI.
Requirements For HIPAA Compliance
HIPAA contains a number of rules, 4 of which are addressed in this section as they pertain to the use of a HIPAA compliant file sharing service.
The Privacy Rule
The Privacy Rule defines what safeguards must be in place to protect the privacy of PHI. It also sets limitations on the disclosure and use of PHI without patient permission.
There are a number of policies within the Privacy Rule, but the one we would like to highlight is data safeguards, which require securing ePHI with passwords and additional measures to prevent unauthorized access and to control and monitor authorized access.
The Security Rule
The Security Rule has 3 parts, which cover the required specifications for administrative, technical, and physical safeguards. Adherence to these 3 parts facilitates the confidentiality, security, and integrity of electronic PHI (ePHI).
Security Management Process
Information Access Management
The Enforcement Rule
The Breach Notification Rule
How Filemail Ensures HIPAA Compliant File Sharing
US Data Storage
We provide a comprehensive monitoring component that lets you know what files were sent and received, by whom, and what files were accessed, to name just a few details.
2-factor authentication makes sure only permitted personnel can access designated files. Thanks to SAML/SSO, identity management within Filemail is an extension of your overall cybersecurity strategy.
Events and actions such as uploads and downloads are recorded along with who performed them, when, the IP location, and a host of other details, so you get full audit trails of what is happening to your data and when.