HIPAA Compliance

HIPAA and its importance

Passed by the U.S. Congress in 1996, the Health Insurance Portability and Accountability Act (HIPAA) is a legislation that has been designed to make it easier for the workers in the United States to retain health insurance coverage during change or loss of jobs. Also, it encourages electronic health records to enhance the overall quality and efficiency of the healthcare system of the country through seamless information sharing.

Complete hosting solutions compliant with HIPAA guidelines

As a prominent accounting and tax software hosting provider, Sagenext is committed to ensuring all-round protection of confidential data of the clients. Our SSAE-16 Type-II (SOC-1/SOC-2) certified data centers are fully HIPAA compliant that enables us to deliver highly secured and continuous solutions. It allows covered entities along with their business associates subject to HIPAA to acquire a highly advanced, reliable and fully secured cloud infrastructure to store, process and maintain electronic protected health information (e-PHI).

Security measures that we follow for HIPAA compliance

We have deployed a number of industry-leading security measures at our data centers with storage, accessibility, management, and sharing of the data to ensure everything is in line with HIPAA compliance. The major policies that we practice include:

Role-specific logins with proper monitoring for all user accounts

A strict privacy policy adhering to HIPAA guidelines

Highly trained and skilled professionals to keep a check on data security

Application access control

Advanced media and device controls for media reuse and disposal

Review of Business Associate Agreement (BAA) with every vendor involved in data processing and handling

Securing ePHI

Health Insurance Portability and Accountability Act requires the identifiers under (PHI) that comprises personal details including name, address, contact details, Social Security Number, which need to be protected. To ensure complete data protection at all levels including physical storage, network and data processing, we implement a number of steps like:

Risk Analysis

Physical Security

Antivirus

Network Firewall

Web Application Firewall

Vulnerability Scanning

Email Security

DDoS Security

Multi-level Authentication

Encrypted Storage

VPN Tunnels

Identity and Access Management

Encrypted Backups

Disaster Recovery Scheme

Single Sign-on

Centralized Logging and Consistent Log Monitoring

Intrusion Detection and Prevention Mechanism

File Integrity Monitoring

Detection/Auditing of Devices Added

Enterprise Identity and Access Management (IAM)

Network Monitoring and Configuration Change Management

Security Auditing

Security Auditing and Dashboard

HIPAA Compliant Hosting Options Hosted in Sagenext’s Data Centers
HIPAA Compliant Private Cloud Managed Hosting
HIPAA Compliant Public Cloud Managed Hosting
HIPAA Hybrid Managed Hosting (a combination of Cloud Hosting and Dedicated Server Hosting)
HIPAA Managed Hosting (on dedicated servers)