There are many advantages to cloud storage. It is scalable, cost-efficient, and flexible. However, although cloud file storage and sharing is easy and convenient, there are many security risks associated with having your data stored remotely. In regards to healthcare systems using online storage services, HIPAA compliance is of great importance. Although HIPAA does not directly state on how to secure data, encryption is encouraged as a best practice; even if information is somehow accessed by unauthorized users, if it is in encrypted, it will not be usable to these entities. Below are a few HIPAA compliant cloud storage services:
Dropbox (Business) Dropbox began supporting HIPAA compliance in 2015. It provides business associate agreements (BAAs) for its business customers. Administrators are able to review and remove linked devices, user access, user activity reports and also enables two-step authentication.
Google Drive Google also provides BAAs for Google Apps for Work customers. Administrators are able to view account activity and app activity, and enable file-sharing permissions.
Microsoft OneDrive Microsoft has some of the best security practices in the industry. The security features are strongest at the Enterprise E5 level which is also a little more expensive than its other plans. Microsoft also provides BAAs for enterprise cloud services.
Clients should contact each provider for details on how to ensure HIPAA compliance. Kota Systems is a re-seller for all of these options. We can also help configure your cloud sharing to be HIPAA compliant.
Email email@example.com to learn more.