Cloud Security for the Healthcare Industry with Boxcryptor

Profit from the advantages of Dropbox & Co. while keeping data protection at the highest level.

The Benefits of Boxcryptor for the Healthcare Industry

  • clouds-colored

    Privacy regulation and HIPAA compliance with Dropbox and other cloud providers thanks to encryption

  • made-in-germany-colored

    Cloud security “Made in Germany”

  • devices-colored

    Data security across smartphones, tablets and desktops

  • end-to-end-encryption-colored

    Leading end-to-end encryption technology

  • clouds-colored

    Support for more than 30 cloud storage providers

  • share-colored

    Collaboration, audit and management features

  • Encrypted Cloud Storage in the Healthcare Industry with Boxcryptor

    Cloud storage in the Healthcare Industry

    Handling patient data responsibly is a high priority in our times, when new digital threats emerge every day. At the same time, the progressing digitalization increasingly demands that data is processed in an efficient and flexible way. Cloud storage services, such as Dropbox, Google Drive or OneDrive, provide a solution for this problem of flexibility and efficiency, by making your data available in their data centers. However, especially with sensitive data, precautions have to be taken. You are giving your sensitive data out of your own hands and, as a consequence, you can never know for sure who can access it. Additional client-side encryption solves this security problem and is imperative when working with sensitive information, such as patient histories and health data.

    Boxcryptor Data Protection in the Cloud for healthcare Industry

    Cloud? Yes. But What About Security?

    With Boxcryptor we solve the problem of data protection in the cloud, by encrypting all files right on your device with the most modern, technical standards. This makes sure that only encrypted data reaches your cloud storage provider. However, if you want to share files with a colleague or an insurance, you can do so with just a couple of clicks, because Boxcryptor comes with its very own access management system.

    Boxcryptor adds end-to-end encryption with zero knowledge standard to your cloud.

    The Principle of Boxcryptor

    Boxcryptor adds end-to-end encryption with zero knowledge standard to your cloud. Simply put, it makes sure that no one but you can access your data. Not even us, since we do not know your password. That way, even sensitive data can be stored in the cloud, in compliance with privacy laws, since no one but your authenticated users can access it. With Boxcryptor, the cloud becomes even more secure than your own hosted servers. Data privacy and server maintanance are outsourced to specialists. As a consequence, valuable working time of your employees is freed up for the important things.

    Questions and Answers

    Is Boxcryptor privacy regulations and HIPAA compliant?

    As HIPAA describes a process, a software like Boxcryptor itself cannot be HIPAA compliant. But Boxcryptor helps healthcare companies to comply with the technical safeguards of HIPAA. These include encryption, access control, audit trails, automatic log offs and more. Find out more about how encryption ensures compliance with privacy regulations here.

    Are Box, Dropbox, Google Drive and other clouds HIPAA compliant?

    While some cloud services offer HIPAA compliance for files stored on their servers, they cannot offer any protection for files downloaded to devices. Since these services automatically synchronize a large number of files with multiple devices, they expose healthcare providers to a significant HIPAA breach risk in case of a lost device.

    Does Boxcryptor sign HIPAA Business Associate Agreements (BAA)?

    Although Boxcryptor is optimized for cloud storage, it does not hold any ePHI (Electronic Protected Health Information) on its servers. Therefore, a Business Associate Agreement is not necessary. Boxcryptor encrypts the files locally on the user's device. Those encrypted files are only stored on the user's device and synchronized to the provider of choice. They are not stored on our servers. Moreover, all sensitive user information (e.g. private keys etc) is encrypted on the user's device before it is uploaded to our servers.

    Please contact us if you still have questions about a BAA. We are happy to review your individual case.

    What is ePHI?

    Electronic protected health information (ePHI) refers to any protected health information that is covered under the Health Insurance Portability and Accountability Act (HIPAA) of 1996. It covers health data that is produced, saved, transferred or received in an electronic form.

    What is the best way to get to know Boxcryptor?

    Getting to know Boxcryptor is simple, convenient and most importantly, free and non-binding. There are two roads to take. Either you start a free 14-day trial to test the software in your team with the full functionality of our solutions for teams. Or you test Boxcryptor as a private user. You can use it for as long as you want. With our free license you can encrypt one cloud and access it on two devices. Upgrades for additional features are available at any time.

    Does Boxcryptor support GDPR compliance?

    Yes. Boxcryptor qualifies as a state-of-the-art technical and organizational measure (TOM) to ensure GDPR compliance. Boxcryptor effectively protects sensitive data. The General Data Protection Regulation is recommending encryption, when it comes to the protection of personal data.

    A positive side-effect of encryption is: the obligation to notify cases of data loss is omitted. This is due to the fact that nobody is able to exploit the lost or stolen data – no matter how sensitive the information contained is.

    Free Whitepaper: Healthcare in the Cloud

    What advantages and risks can come with the cloud in healthcare and where healthcare institutions should take extra care: Find out in our Guide to Security, Data Privacy and Encryption in Healthcare.

    By entering my email address I agree that Secomba GmbH sends me information via email. I can revoke this agreement at any time.