HIPAA Vault is 3rd party audited for HIPAA Compliance!
HIPAA Vault provides HIPAA Compliant Cloud Solutions to healthcare organizations to protect Patient Health Information (PHI) data under the HIPAA and HITECH Act. We’re in your corner, working to ensure your sensitive patient information is kept in utmost confidence, protected from exposure and vulnerabilities.
We are verified by the Compliancy Group.
Verify Another Organization
As part of our HIPAA-managed solutions, we also provide our customers with a way to independently verify that their health data is in compliance with HIPAA cloud standards.
In order to be considered HIPAA Cloud Compliant, organizations must follow a specific program of compliance that includes encryption, audits, system updates, and much more.
To verify that an organization is currently HIPAA Cloud Compliant with HIPAA Vault, please fill out the form below and we will respond to you with an email that lets you know the compliance status of the organization. Please contact us to learn more about our HIPAA Compliant Solutions.
The HIPAA Vault HIPAA Cloud Compliance Program means that an organization has:
- A signed Business Associate Agreement (BAA) between both business entities
- Protection of PHI files with the highest level of encryption and access controls
- Systems that are monitored 24/7 to ensure consistent reliability and uptime
- A plan for logs and PHI data to be maintained for 6 years
- HIPAA compliance with their Managed Cloud Infrastructure
HIPAA Requirement Features
HIPAA Vault removes the confusion surrounding HIPAA compliant cloud hosting, ensuring you stay compliant when it comes to your cloud host.
|HIPAA Requirement Feature||Description|
|Offsite Backups||HIPAA compliant server requires full backups of data to a separate facility other than the data center.|
|PHI Encryption||Under HIPAA compliance guidelines, PHI data must be encrypted both at rest and in transit. Your data stored in the cloud is encrypted with AES-256 symmetric cryptography and your data in transit is encrypted with an RSA 2048 bit key.|
|Security Information & Event Management (SIEM)||The Server Log Management function indexes server logs and creates a searchable index for log file analysis or log auditing. HIPAA compliant cloud hosting guidelines require log collection.|
|Host Intrusion Detection System (HIDS)||Monitors log activity and sends email alerts to the system administrator when an anomaly is detected. HIDS automatically adds firewall rules to block the source of any anomaly.|
|Web Application Firewall (WAF)||Blocks and monitors network traffic at the application level. Rule customization and advanced security features protect applications and services. Whereas a physical firewall allows traffic through HTTP and HTTPS, the WAF filters attacks to stay within the HIPAA compliant web hosting guidelines.|
|Two-Factor Authentication||A method of authentication that is more secure than using a simple password alone. It employs the use of a second factor that adds to the complexity of user authentication.|
|Business Associate Agreement||Provides assurance that HIPAA Compliant data will be safeguarded and protected by an entity that provides services for a HIPAA Compliant organization. The Business Associate Agreement must be provided in writing to the covered entity.|
|Vulnerability Assessment Scans||Run regular vulnerability assessment scans in order to reveal any weakness in security that should be remedied.|
|Password Management||Manage password policies to ensure they are being changed on a regular basis and they are complex enough to meet the security policies.|