ComplianceHIPAA Compliance
We are HIPAA Compliant.
The Disclosure.
The Health Insurance Portability and Accountability Act of 1996 (HIPAA), mandates that all covered entities fulfill certain requirements for data backup, data storage, and data recovery. These requirements are listed in the Security section of the Administrative Simplification Act. Online Data Vault is a highly secure online data backup and data recovery system that allows businesses to fulfill the HIPAA requirements for secure data storage and disaster recovery while realizing significant cost savings.
Online Datavault’s technology complies with the following HIPAA requirements:
- User authentication
- Role based access
- Encryption of data (AES128, AES192, AES256 bit encryption)
- Offsite data storage outside of the organization
- Secure storage facilities
- Transmission Reports
Online Datavault's Internet Vaulting solution is completely secure and can protect your organization in the case of any type of data loss. Take a closer look at Online Datavault’s secure remote backup solution and its compliance with HIPAA regulations:
HIPAA Privacy Rule |
Online Datavault |
Covered Entity |
| Safeguards: §164.530 (c) (1) |
........... | ........... |
| * Administrative §164.308 |
YES | Enabled by Online Data Vault |
| * Technical §164.312 |
YES | Enabled by Online Data Vault |
| * Physical §164.310 |
YES | Enabled by Online Data Vault |
| Access to PHI §164.524 |
NO - Covered Entity has the only encryption key | YES |
| Amendment to PHI §164.526 |
NO - Covered Entity has the only encryption key | YES |
| Encryption of PHI §164.312 |
YES | YES |
HIPAA Security Standards Matrix |
Online Datavault |
Covered Entity |
| Assigned Security Officer §164.308(a)(2) | YES | ........... |
| Access Authorization §164.308(a)(4) | NO - Only covered entity has access to PHI | YES |
| Security Incident Reporting §164.308(a)(6) | YES | ........... |
| Contingency Plan: Data Back-up §164.308(a)(7) | YES | YES |
| Contingency Plan: Disaster Recovery §164.308(a)(7) | YES | YES |
| Business Associate Agreement §164.308(b)(1), 106.103 | YES | ........... |
| Facility Access Controls §164.310(a)(1) | YES | ........... |
| Device & Media Controls §164.308(d)(1) | YES | YES |
| Access Control §164.312(a)(1) | YES | YES |
| Transmission Security §164.312(e)(1) | YES | YES |