How Symform Provides a HIPAA Compliant Cloud Backup Solution
There has been and continues to be a great deal of confusion about how HIPAA applies to many areas, including backup and disaster recovery (BDR). Today, no HIPAA “compliance certification” exists for backup applications, online storage, or disaster recovery services. That being said, many solution providers can help you maintain your HIPAA compliance and achieve secure online backup by adhering to the rules, guidelines and principles inherent in the compliance mandate. This is exactly what Symform does, particularly in its handling of data encryption, data transfers, and the protection of any data that could fall under a HIPAA regulation.
Symform Complies With the HIPAA Final Security Rule
The Final Security Rule is the one part of HIPAA that can apply to the backup and disaster recovery services that Symform offers. The Final Security Rule governs the processes that should be used to keep Protected Health Information (PHI) safe. It requires that Covered Entities–our customers–have sufficient Administrative Procedures, Physical Safeguards, and Technical Safeguards to protect access to PHI.
Symform HIPAA Compliant Cloud Services Provide the Following:
- Establishment of clear access control policies, procedures, and technology to restrict who has authorized access to PHI.
- Establishment of restricted and locked areas where PHI is stored.
- Establishment of appropriate data backup, disaster recovery, and emergency operation strategies.
- Establishment of technical security mechanisms, such as encryption, to protect data that is transmitted through a network.