• Files such as patient and billing records can be accessed only by the covered entity.
  • Secure, encrypted data transfer and storage prevents alterations, tampering or unauthorized access.
  • Data can be restored swiftly and accurately to a specific point-in-time.
  • Reporting provides a clear audit trail with user access date and time-stamp detail.

backup compliance

The data management portion of HIPAA is focused on the secure storage and transmission of Protected Health Information (PHI) over computer networks. PHI includes all individually identifiable health information in any form or media including subsets of health information such as demographics.

HIPAA Data Compliance Requirements

HIPAA defines who is authorized to access this information and requires the establishment and maintenance of appropriate administrative, technical, and physical safeguards to ensure integrity, confidentiality, and availability of the information.

Healthcare organizations are required to individually assess their security and privacy requirements and take measures to implement electronic data protection for data in transit and storage. ABS’s data protection platform ensures the appropriate data and applications are secured and available for immediate recovery when needed.

  • Electronic protected health information (ePHI) must be secured against potential threats or hazards
  • Data is securely stored in two geographically diverse Carrier-Grade datacenters.  Redundant fail-safe systems protect the data in every step of the backup and storage process
  • Access to ePHI must be protected against any reasonably anticipated uses or disclosures that are not permitted or required by the Privacy Rule.
  • Data is encrypted during backup, transmission and storage with the encryption technology used by the US Government. Access is restricted by password authentication only.
  • Maintenance of record of access authorizations
  • Reporting provides a clear audit trail with user access date and time-stamp detail.
  • If the data is processed through a third party (ABS), entities are required to enter into a chain of trust partner agreement
  • ABS enters into a Terms of Service agreement, this outlines that the parties agree to electronically exchange data and that ABS is provisioned to protect the transmitted data. The Agreement states that the receiver of the data (ABS) is required to maintain the integrity and confidentiality of the transmitted information.

  • * Note: ABS does not have access to the stored contents. It is the customers responsibility for data maintenance to be in accordance with HIPAA standards.