NITHealth can help you comply with the HIPAA security and privacy rules:
- We manage multi-user environments easily and efficiently so you don't have to.
- Your data is safe with military-grade encryption, world-class data centers, and the strictest security policies.
- We'll help you determine the best solution for your business and reduce excessive costs.
- We view compliance as critical and also take steps to protect against anticipated threats or hazards to the security or integrity of such information, and protect against unauthorized access to or use of such information. We protect the interests of our customers and business by operating a holistic program focused on the confidentiality, availability, and integrity of data.
- Within our Information Security Management System (ISMS), we incorporate a combination of technical, administrative, and physical controls to safeguard personal information consistent with the industry standards and laws that are applicable to our customers. The principles behind each of these standards are for the data owner to retain control of sensitive data and ensure that only authorized parties can view that data.
Encryption of data during backup: During the backup process, all files are first secured with a personal 256-bit AES key or our managed 448-bit Blowfish encryption key and then transferred to our data center via a secure SSL connection.
Encryption of data on our servers: All backed up data maintains the 448-bit Blowfish encryption while stored "at rest" in our data center.
Encryption at rest: Your data remains in an encrypted state while at our data centers.
Off site Backup:
Physical security: Our data centers are protected by gated perimeter access, 24 x 7 x 365 on-site staffed security and technicians, electronic card key access, and strategically placed security cameras inside and outside the building.
Remote/offsite backup: Our service provides an automated remote or offsite backup and is a key component in any disaster recovery plan as protection against hardware failure, theft, virus attack, deletion, and natural disaster.
Logical access: Backed up data may be accessed via the password-protected, web-based administrative console by supplying a valid encryption key.
Written contingency plan: The HIPAA Security rule requires that covered entities have a written contingency plan for responding to system emergencies, including a detailed plan concerning the data backup and recovery process in the event of a disaster.
Note: There is no standard “HIPAA certificate of compliance” for backup software and services. For more information about HIPAA and HIPAA compliance, contact your legal counsel or refer to the HIPAA section of the U.S. Department of Health and Human Services’ website.