Passed by the U.S. Congress in 1996, the Health Insurance Portability and Accountability Act (HIPAA) is a legislation that has been designed to make it easier for the workers in the United States to retain health insurance coverage during change or loss of jobs. Also, it encourages electronic health records to enhance the overall quality and efficiency of the healthcare system of the country through seamless information sharing.
As a prominent accounting and tax software hosting provider, Sagenext is committed to ensuring all-round protection of confidential data of the clients. Our SSAE-16 Type-II (SOC-1/SOC-2) certified data centers are fully HIPAA compliant that enables us to deliver highly secured and continuous solutions. It allows covered entities along with their business associates subject to HIPAA to acquire a highly advanced, reliable and fully secured cloud infrastructure to store, process and maintain electronic protected health information (e-PHI).
We have deployed a number of industry-leading security measures at our data centers with storage, accessibility, management, and sharing of the data to ensure everything is in line with HIPAA compliance. The major policies that we practice include:
Role-specific logins with proper monitoring for all user accounts
A strict privacy policy adhering to HIPAA guidelines
Highly trained and skilled professionals to keep a check on data security
Application access control
Advanced media and device controls for media reuse and disposal
Review of Business Associate Agreement (BAA) with every vendor involved in data processing and handling
Health Insurance Portability and Accountability Act requires the identifiers under (PHI) that comprises personal details including name, address, contact details, Social Security Number, which need to be protected. To ensure complete data protection at all levels including physical storage, network and data processing, we implement a number of steps like:
Risk Analysis
Physical Security
Antivirus
Network Firewall
Web Application Firewall
Vulnerability Scanning
Email Security
DDoS Security
Multi-level Authentication
Encrypted Storage
VPN Tunnels
Identity and Access Management
Encrypted Backups
Disaster Recovery Scheme
Single Sign-on
Centralized Logging and Consistent Log Monitoring
Intrusion Detection and Prevention Mechanism
File Integrity Monitoring
Detection/Auditing of Devices Added
Enterprise Identity and Access Management (IAM)
Network Monitoring and Configuration Change Management
Security Auditing
| HIPAA Compliant Hosting Options | Hosted in Sagenext’s Data Centers |
|---|---|
| HIPAA Compliant Private Cloud Managed Hosting | |
| HIPAA Compliant Public Cloud Managed Hosting | |
| HIPAA Hybrid Managed Hosting (a combination of Cloud Hosting and Dedicated Server Hosting) | |
| HIPAA Managed Hosting (on dedicated servers) |