A Guide to HIPAA Compliance and Cloud Backup
Medical and dental records require the utmost confidentiality, and the security of patient information is enforced by the Office for Civil Rights via the Health Insurance Portability and Accountability Act (HIPAA) Security Rule. A secure cloud backup system is often used to satisfy the requirement for offsite storage of electronic patient records that are kept locally on servers, computers, or NAS devices. One of the most important features of a HIPAA-compliant cloud backup system is the use of a private encryption key to encrypt the remotely stored data. The encryption key is a string of numbers and characters selected by the medical practice and combined with a standard encryption protocol to ensure that encrypted records can never be unscrambled without the key.
Patient records and other practice data can be retrieved in their native format only by account administrators who have the encryption key. The encryption key applies to all forms of data and devices using the Sterling Data Storage cloud backup system to store electronic records. The cloud backup system will deny access to any individual or entity that does not have the encryption key, including the Sterling Data Storage technical support team.
Private Encryption Key Administrators
A Sterling Data Storage customer selects a unique encryption key during the client software installation process. The importance of possessing and managing the encryption key is stressed to each customer, because no other individual will ever be able to access the stored data without it. Customers are urged to select key administrators in advance and to have policies in place for redundancy and security of the key.
Disaster Recovery For Medical Practices
Sterling Data Storage offers bare metal restore and data backup of applications, operating systems and databases. Use of the Sterling disaster recovery system can be a lifesaver if a company falls victim to a hardware failure, a theft, a computer virus, an accidental deletion, or any one of the numerous possible natural disasters.
Secure Data Centers
The security of Sterling Data Storage centers is held to the highest of standards.
The worries that previously came with using WebDAV via SSL or Amazon's web services offering mail protection no longer apply when using Sterling Data Storage. With 128-bit AES, 256-bit AES (which is military grade) and 448-bit Blowfish encryption, information is completely backed up and totally safe twenty-four hours a day, seven days a week.