HIPAA Compliant File Sharing Service

For Healthcare Providers & Others Who Work With Protected Health Information
Health related file transfer

What Is HIPAA?

Health Insurance Portability and Accountability Act, abbreviated to HIPAA. The basic premise of HIPAA is to:

  • Enable secure sharing, storage and transmission of Protected Health Information (PHI) by authorized persons and entities.
  • Control and monitor the degree of disclosure and usage of PHI.
  • Improve the effectiveness and efficiency of the US health care system.

Another act that needs to be taken into account is the Health Information Technology for Economic and Clinical Health Act (HITECH).

HIPAA compliant file sharing

Who Must Be HIPAA Compliant?

HIPPA applies to Covered Entities and Business Associates.

Covered Entities include:

  • Healthcare providers such as doctors, nurses, psychologists, dentists, chiropractors.
  • Organizations who provide healthcare services such as hospitals, nursing homes, clinics, pharmacies.
  • Health insurance companies.
  • Clearing houses.

Business Associates are entities or persons not defined as a Covered Entity that provide services to them, or perform activities that involve PHI.

Health professionals

Requirements For HIPAA Compliance

HIPAA has a number of rules within it, 4 of which are addressed in this section, as it pertains to the usage of a HIPAA compliant file sharing service.

The Privacy Rule

The Privacy Rule defines what safeguards must be in place to protect the privacy of PHI. It also sets limitations on the disclosure and use of PHI done without patient permission.

There are a number of policies within the Privacy Rule, but one we would like to highlight is, data safeguards that require securing ePHI with passwords, and additional measures, to prevent unauthorized access, and to control and monitor authorized access.

 

The Security Rule

There are 3 parts within the security rule which are to do with the required specifications concerning administrative, technical, and physical safeguards. Adherence to these 3 parts facilitates the confidentiality, security, and integrity of electronic PHI (ePHI).

Security Rules

Administrative Safeguards

Security Management Process

Identify potential risks to ePHI and put measures in place to reduce the risk to an appropriate and reasonable level

Periodic Evaluation

Perform a periodic evaluation of the various measures put in place to assess how effective the introduced measures are in attaining compliance with the Security Rule.

Information Access Management

In accordance with the Privacy Rule to limit the disclosure of ePHI to the absolute necessary minimum, this measure requires the implementation of policies that define when authorization is permitted to access ePHI, who is authorized to access ePHI, and the degree of disclosure of ePHI.

Technical Safeguards

Specific requirements that must be attained by the technology that is used in conjunction with ePHI.

Access Control

Implement measures that permit only authorized people to access ePHI.

Audit Control

Keep a detailed auditable trail of activity in relation to disclosure, access, and use of ePHI.

Integrity Control

ePHI must be protected against unauthorized alteration and destruction.

Authentication

Verify that a person or entity attempting to access or use ePHI is authorized to do so.

Authentication

ePHI must be protected against unauthorized alteration and destruction.

The Enforcement Rule

The Enforcement Rule permits Health and Human Services – Office For Civil Rights to enforce the Privacy and Security Rule, with the authority to investigate, review, and fine Covered Entities and Business Associates.

Enforcement Rules

The Breach Notification Rule

This rule specifies how Covered Entities and Business Associates must respond if there is a data breach. Patients and Health and Human Services (HHS) must be notified within a set number of days upon discovering a data breach. When notifying relevant authorities and persons of a breach, among the information included, you must state if known, who accessed or used ePHI.

Breach Notification

How Filemail Ensures HIPAA Compliant File Sharing

We have a number of features in our enterprise-level managed file transfer solution that enables you to be HIPAA compliant.

BAA Ready

We use Business Associate Agreements with all users, organizations, and entities who require this formal standardized agreement with us.

Encryption

End-to-end data transmission encryption using SSL/TSL 256-bits to safeguard your data. Files you send, store and receive are safe and secure.

US Data Storage

With several servers based in the United States, you can rest assured your data is stored in the region you need, so as to comply with federal and industry regulations.

Access Monitoring

We provide a comprehensive monitoring component that lets you know what files were sent and received, by whom, what files were accessed to name just a few details.

Authentication

2-factor authentication to make sure only permitted personnel can access designated files. Thanks to SAML/SSO, identity management within Filemail is an extension of your overall cybersecurity strategy.

Stringent Security

Custom file expiration dates, password protection of files, authentication requirements on download pages, and anti-virus protection shows we take robust measures to protect your files.

Auditable Trial

Events and actions such as uploading, downloading, by whom, when, IP location, and a host of other details means you get full auditable trails into what is happening to your data and when.

Real-Time Notifications

We keep you up-to-date and in the loop as to what is happening within your account. You can also use an additional service we offer that provides updates via SMS.

Additional Benefits Of Our HIPAA Compliant File Sharing Service

Cost Effective

Setting up a cloud-based solution that meets the requirements of HIPAA is an expensive time-consuming process. As a HIPAA compliant file transfer solution, you’ll be able to get up and running with significantly less expenditure.

Cost effective

Mobility

With a full range of apps available for all major platforms, you can access protected information as and when you need to, be it in the office or otherwise.

Mobile devices

What Else Is Included In Your Filemail Account

Custom Subdomain

Upload Form On Your Site

Brandable Account

5 TB Storage Per User

Fast Transfer Rates

Premium Support

Our User's Ratings

4.7
4.7 star rating
Based on more than 100k ratings
Capterra
4.641 Ratings
GetApp
4.641 Ratings
Software Advice
4.641 Ratings
Finances Online
8.996 Ratings
Client Testimonials

What Our Clients Think

I have used Filemail for several months and find it very easy to use. It solved problems we have here at the bank when we need to send large files. The platform also provides a secure way to send confidential information back and forth between the bank and our customers.

Bruce Fairbank
Labette Bank

Filemail is the easiest and fastest way to send large files. Some of my clients have been so impressed with Filemail when they have received my videos that they have started using it for their own businesses

Deborah Alvino
CLVS (Coastal Legal Video)

Filemail has solved all my file transfers problems I have had in the past. Fast reliable, friendly to use. Very happy with the service. We send our shows all over the world, Filemail is a great help.

Jorge Elias Alarcon
Hollywood Channel

Some Of Our Business Clients

SpareBank Nord-Norge
Discovery
Bull House Media
Australian Film Commission
United States Olympic Committee
The College of Legal Practice
Clear Channel
British Film Institute
7-Day Trial You Can Get Up & Running In Minutes
Protect Your Patients, Reputation, & Business, With A HIPAA Compliant File-Sharing Service
Check Out Enterprise Plan