We are verified! 3rd party audited for HIPAA Compliance
HIPAA Vault is in your corner, working to ensure your sensitive patient information is kept in utmost confidence, protected from exposure and vulnerabilities. We are verified by the Compliancy Group.
HIPAA Vault removes the confusion surrounding HIPAA compliant cloud hosting, ensuring you stay compliant when it comes to your cloud host.
HIPAA Requirement Feature
HIPAA compliant server requires full backups of data to a separate facility other than the data center.
Under HIPAA compliance guidelines, PHI data must be encrypted both at rest and in transit. Your data stored in the cloud is encrypted with AES-256 symmetric cryptography and your data in transit is encrypted with an RSA 2048 bit key.
Security Information & Event Management (SIEM)
The Server Log Management function indexes server logs and creates a searchable index for log file analysis or log auditing. HIPAA compliant cloud hosting guidelines require log collection.
Host Intrusion Detection System (HIDS)
Monitors log activity and sends email alerts to the system administrator when an anomaly is detected. HIDS automatically adds firewall rules to block the source of any anomaly.
Web Application Firewall (WAF)
Blocks and monitors network traffic at the application level. Rule customization and advanced security features protect applications and services. Whereas a physical firewall allows traffic through HTTP and HTTPS, the WAF filters attacks to stay within the HIPAA compliant web hosting guidelines.
A method of authentication that is more secure than using a simple password alone. It employs the use of a second factor that adds to the complexity of user authentication.
Business Associate Agreement
Provides assurance that HIPAA Compliant data will be safeguarded and protected by an entity that provides services for a HIPAA Compliant organization. The Business Associate Agreement must be provided in writing to the covered entity.
Vulnerability Assessment Scans
Run regular vulnerability assessment scans in order to reveal any weakness in security that should be remedied.
Manage password policies to ensure they are being changed on a regular basis and they are complex enough to meet the security policies.