- About Us
Cloud storage providers like Dropbox, Google Drive, or Box allow companies from the healthcare industry to easily access, synchronize, and share documents anywhere and anytime without a lot of efforts. Thanks to the use of cloud storage, the collaboration between health care providers, patients, and other third parties improves. Moreover, it reduces administrative costs.
Healthcare companies can access medical data anywhere and anytime, and share information between all involved parties (e.g. providers, patients, insurances) without being limited to size or number of files. As a lot of companies from the healthcare and medical sector are driven by their mobile nature and their need for fast and easy sharing, the cloud offers an ideal environment for them.
Since medical information – such as images, bills, or patient records – is very sensitive information, security and privacy are extremely important. By using cloud services, healthcare companies increase their risk of a breach of HIPAA compliance: They share sensitive information with a lot of different people (partners, employees, patients), but popular cloud services, such as Dropbox, are not HIPAA compliant.
However, if healthcare companies want to remain HIPAA compliant, they do not need to give up the efficiency offered by the cloud. Boxcryptor helps them in being HIPAA compliant by letting them benefit from the best of two worlds: Ease of use and productivity combined with highest security.
Boxcryptor ensures that healthcare professionals can benefit from all advantages of the cloud while remaining HIPAA compliant and focus on what matter most: Providing excellent care.
ePHI (electronic protected health information) is encrypted at any time using the encryption standard preferred by high security systems around the world. All ePHI is encrypted locally on the device (desktop and mobile), during transmission, and at rest on the server of the cloud storage provider.
However, Boxcryptor offers even more to ensure HIPAA compliance:
As HIPAA describes a process, a software like Boxcryptor itself cannot be HIPAA compliant. But Boxcryptor helps healthcare companies to comply with the technical safeguards of HIPAA. These include encryption, access control, audit trails, automatic log offs and more.
While some cloud services offer HIPAA compliance for files stored on their servers, they cannot offer any protection for files downloaded to devices. Since these services automatically synchronize a large number of files with multiple devices, they expose healthcare providers to a significant HIPAA breach risk due to a lost device.
Boxcryptor encrypts the files locally on the user's device. The encrypted files are only stored on the users device and then synchronized to the provider of choice. Moreover, all sensitive user information (e.g. private keys etc) is encrypted on the user's device before uploaded to our servers. So allthough Boxcryptor is optimized for cloud storage, it does does not hold any PHI on its servers. Despite this, we sign Business Associate Agreemets (BAA) at no additional costs. If you require a BAA, please contact us.
Electronic protected health information (ePHI) refers to any protected health information that is covered under the Health Insurance Portability and Accountability Act of 1996 (HIPAA). It covers data that is produced, saved, transferred or received in an electronic form.
Boxcryptor helps healthcare professionals to use the cloud but remain HIPAA compliant
Sign up for our newsletter to stay informed with the latest Boxcryptor news, product updates and special offers.