The Health Insurance Portability and Accountability Act (HIPAA) is a federal law passed in 1996 to protect the security and confidentiality of patients’ personal data — called protected health information, or PHI. HIPAA enforcement has continually strengthened since its passage 20 years ago, and the law itself has expanded in scope, with the passage of the HITECH Act in 2009 and the Omnibus Final Ruling in 2013.
Failure to meet any of the requirements in HIPAA’s hundreds of pages, including the many strict guidelines regarding how PHI data is stored and backed up, can be costly. Are you compliant?
Many businesses incorrectly assume that HIPAA is just a law for healthcare companies.
HIPAA applies to any vendor that deals directly with protected health information (PHI), that is, creating it, receiving it, storing it and transmitting it, on behalf of a health provider or health plan. If that sounds like your business, then you are what HIPAA calls a “Covered Entity,” legally required to safeguard PHI at all times, and subject to significant fines (up to $50,000 per occurrence) for failure to comply.
When it comes to maintaining electronic protected health information — called ePHI — HIPAA sets out strict guidelines for Covered Entities regarding backing up this data, ensuring it can be fully restored in the event of a disaster, keeping it encrypted while in storage, and maintaining physical safeguards to protect the servers and other hardware storing it.
Fortunately, HIPAA allows Covered Entities to share access to their ePHI with third-party experts called Business Associates.
This is where KeepItSafe® can help. We’re the leader in online backup and recovery — and as your Business Associate, we can help bring your data-backup processes into alignment with HIPAA.
At KeepItSafe, we’re experts at protecting highly sensitive patient health data for Covered Entities, and helping them stay on the right side of HIPAA regulators.
We’ll conduct a free assessment of your data backup, encryption, testing, and disaster recovery processes to determine where they might fall short of HIPAA.
If you sign up for KeepItSafe’s leading online backup and recovery services, we will sign a Business Associate Agreement, accepting shared responsibility for your HIPAA compliance.
Then KeepItSafe will help design a customized automated backup and recovery plan for your ePHI — ensuring this sensitive data is safe at all times, and helping you 24/7 if you ever need us.
“Specializing in data protection for the healthcare industry, KeepItSafe® is the perfect partner to address the compliance-related needs of our clients.”
If you’re looking for a little more detail about exactly how KeepItSafe can help bring your ePHI data storage up to HIPAA standards, here’s how we address each of the three main areas of The HIPAA Security Rule relating to the protection of ePHI:
|HIPAA Demands||KeepItSafe® Provides|