HIPAA Compliant File Sharing Service

For Healthcare Providers & Others Who Work With Protected Health Information

admin and authentication

What Is HIPAA?

Health Insurance Portability and Accountability Act, abbreviated to HIPAA. The basic premise of HIPAA is to:

1. Enable secure sharing, storage and transmission of Protected Health Information (PHI) by authorized persons and entities
2. Control and monitor the degree of disclosure and usage of PHI
3. Improve the effectiveness and efficiency of the US health care system.

Another act that needs to be taken into account is the Health Information Technology for Economic and Clinical Health Act (HITECH).

Who Must Be HIPAA Compliant?

HIPPA applies to Covered Entities and Business Associates

Covered Entities include:

  • Healthcare providers such as doctors, nurses, psychologists, dentists, chiropractors.
  • Organizations who provide healthcare services such as hospitals, nursing homes, clinics, pharmacies.
  • Health insurance companies.
  • Clearing houses.

Business Associates are entities or persons not defined as a Covered Entity that provide services to them, or perform activities that involve PHI.

Requirements For HIPAA Compliance

HIPAA has a number of rules within it, 4 of which are addressed in this section.

The Privacy Rule

The Privacy Rule defines what safeguards must be in place to protect the privacy of PHI. It also sets limitations on the disclosure and use of PHI done without patient permission.

There are a number of policies within the Privacy Rule, but one we would like to highlight is, data safeguards that require securing ePHI with passwords, and additional measures, to prevent unauthorized access, and to control and monitor authorized access.

The Security Rule

There are 3 parts within the security rule which are to do with the required specifications concerning administrative, technical, and physical safeguards. Adherence to these 3 parts facilitates the confidentiality, security, and integrity of electronic PHI (ePHI).

Administrative Safeguards

Security Management Process

Identify potential risks to ePHI and put measures in place to reduce the risk to an appropriate and reasonable level

Periodic Evaluation

Perform a periodic evaluation of the various measures put in place to assess how effective the introduced measures are in attaining compliance with the Security Rule.

Information Access Management

In accordance with the Privacy Rule to limit the disclosure of ePHI to the absolute necessary minimum, this measure requires the implementation of policies that define when authorization is permitted to access ePHI, who is authorized to access ePHI, and the degree of disclosure of ePHI.

Technical Safeguards

The following are specific requirements that must be attained regarding the technology that is used in conjunction with ePHI.

Access Control

Implement measures that permit only authorized people to access ePHI.

Audit Control

Keep a detailed auditable trail of activity in relation to disclosure, access, and use of ePHI.

Integrity Control

ePHI must be protected against unauthorized alteration and destruction.

Authentication

Verify that a person or entity attempting to access or use ePHI is authorized to do so.

Authentication

ePHI must be protected against unauthorized alteration and destruction.

The Enforcement Rule

The Enforcement Rule permits Health and Human Services – Office For Civil Rights to enforce the Privacy and Security Rule, with the authority to investigate, review, and fine Covered Entities and Business Associates.

The Breach Notification Rule

This rule specifies how Covered Entities and Business Associates must respond if there is a data breach. Patients and Health and Human Services (HHS) must be notified within a set number of days upon discovering a data breach.
When notifying relevant authorities and persons of a breach, among the information included, you must state if known, who accessed or used ePHI.

How Filemail Ensures HIPAA Compliant File Sharing

We have a number of features that ensure we provide a file-sharing service that enables you to be HIPAA compliant.
penetration report

BAA Ready

We use Business Associate Agreements with all users, organizations, and entities who require this formal standardized agreement with us.
encryption

Encryption

End-to-end data transmission encryption using SSL/TSL 256-bits to safeguard your data. Files you send, store and receive are safe and secure.

US Data Storage

With several servers based in the United States, you can rest assured your data is stored in the region you need, so as to comply with federal and industry regulations.
intrusion detection

Access Monitoring

We provide a comprehensive monitoring component that lets you know what files were sent and received, by whom, what files were accessed to name just a few details.

delivery tracking

Authentication

2-factor authentication to make sure only permitted personnel can access designated files. Thanks to SAML/SSO, identity management within Filemail is an extension of your overall cybersecurity strategy.
password protection

Stringent Security

Custom file expiration dates, password protection of files, authentication requirements on download pages, and anti-virus protection shows we take robust measures to protect your files.
delivery tracking

Auditable Trial

Events and actions such as uploading, downloading, by whom, when, IP location, and a host of other details mean you get visibility into what is happening to your data and when.
address book

Real-Time Notifications

We keep you up-to-date and in the loop as to what is happening within your account. You can also use an additional service we offer that provides updates via SMS.

Additional Benefits Of Our HIPAA Compliant File Sharing Service

calculator

Cost Effective

Setting up a cloud-based solution that meets the requirements of HIPAA is an expensive time-consuming process. As a HIPAA compliant file transfer solution, you’ll be able to get up and running with significantly less expenditure.

Mobility

With a full range of apps available for all major platforms, you can access protected information as and when you need to, be it in the office or otherwise.
Mobility

What Else Is Included In Your Filemail Account

custom subdomain

Custom Subdomain

brandable

Brandable Account

quicker to transfer

Fast Transfer Rates

integrate upload form

Upload Form On Your Site

more storage

5 TB Storage Per User

stellar customer support

Premium Support

What Our Users Think

Mobile App Ratings

iOS App Store

15.4k Rating: 4.57
4.57/5

Google Play Store

7.78k Rating: 4.5
4.5/5

Testimonials

I have used Filemail for several months and find it very easy to use. It solved problems we have here at the bank when we need to send large files. The platform also provides a secure way to send confidential information back and forth between the bank and our customers.

Bruce Fairbank – Labette Bank
Filemail is the easiest and fastest way to send large files. Some of my clients have been so impressed with Filemail when they have received my videos that they have started using it for their own businesses

Deborah Alvino – CLVS (Coastal Legal Video)
Filemail has solved all my file transfers problems I have had in the past. Fast reliable, friendly to use. Very happy with the service. We send our shows all over the world, Filemail is a great help.

Jorge Elias Alarcon – Hollywood Channel

Some Of Our Clients

7-Day Trial You Can Get Up & Running In Minutes

Protect Your Patients, Reputation, & Business, With A HIPAA Compliant File-Sharing Service


Check Out Enterprise Plan