IDriveSync Support - 1 866 748 0555

HIPAA Compliance

The Health Insurance Portability and Accountability Act of 1996 (HIPAA), was the result of efforts by the federal government to ensure healthcare data practices permitted ease for patients to move jobs, insurance and healthcare providers.

The goals and objectives of this legislation are to streamline industry inefficiencies, reduce paperwork, make it easier to detect and prosecute fraud as well as abuse while enabling workers of all professions to change jobs easily, even if they (or family members) had pre-existing medical conditions.

HIPAA requires the ability to establish and maintain reasonable and appropriate administrative, technical and physical safeguards to ensure integrity, confidentiality and availability of information. Healthcare organizations are required to individually assess their security and privacy requirements as well as take suitable measures to implement electronic data protection (both in transit and in storage). As proposed, a HIPAA-compliant information system will need to include a combination of administrative procedures, physical safeguards and technical measures to protect patient information while it is stored and while it is transmitted across communications networks. IDriveSync provides critical data security protection without compromising patient privacy and can help customers achieve HIPAA compliance.

IDriveSync assists healthcare providers to be HIPAA compliant in these areas:

  • Unauthorized access to individually identifiable health records is strictly forbidden, so data is encrypted and transmitted securely to a vault that resides at a world-class data center that is insured to provide data protection service
  • Access to the vaults and the data center is strictly controlled through administrative procedures, physical safeguards, and technical security measures to prevent unauthorized use or disclosure of customer data
  • Logical access to the data is strictly controlled with a secure user interface, which provides the ability to set password policies and assign users rights to manage specific servers. More importantly, access through the web does not permit a user to view the contents of data
  • Data remains on the IDriveSync servers for as long as you wish to retain it

Many of the compliance items require usage of the optional private encryption key that is known only to the user and not stored on the IDriveSync servers.

© 2012 Pro Softnet Corporation.
All rights reserved.