Folderit DMS HIPAA Compliance

At Folderit, we are committed to ensuring the highest standards of data security and privacy. We have taken extensive measures to align with the requirements set forth by the Health Insurance Portability and Accountability Act (HIPAA). Below is an overview of our HIPAA compliance practices:

1. Data Security

  • SSL Encryption: Ensuring secure data transmission via SSL connections.
  • 256-bit Encryption at Rest: Advanced encryption safeguards stored data.
  • Two-Factor Authentication (2FA): Elevates user verification security.
  • Custom Password Policies: Amplifying password robustness.
  • Internal Protocols: Designed meticulously to fortify data privacy.

2. Access Control

  • Robust User Authentication: Enforced through strict password policies and 2FA.
  • Single Sign-On (SSO): Effortless access integration with Okta and Active Directory.
  • Granular Access: Users can fine-tune access at distinct file and folder tiers.
  • Restricted Viewing: Tailored data visibility ensures users only access approved information.

3. Audit Trails

  • Exhaustive Audit Records: Comprehensive logs of user activities.
  • Hierarchical Logs: Trackable data for files, folders, and entire organizations.
  • Export Flexibility: Log data can be exported in diverse formats like Excel, CSV, or PDF.
  • Immutable Records: Audit logs are designed to resist alterations.

4. Backup and Recovery

  • Redundant Backups: Triple data backups housed in geographically varied AWS data centers.
  • Scheduled Backups: Data integrity is maintained with regular backups.
  • Swift Recovery: Proactive disaster recovery protocols in place.

5. Employee Training

  • Ongoing Training: Updated training modules covering HIPAA, GDPR, and cybersecurity.
  • Incorporated Awareness: Inclusive security and privacy clauses in employee contracts.

6. Business Associate Agreements (BAAs)

  • Customizable BAAs: Crafted to cater to distinct client requirements.
  • Defined Roles: Responsibilities delineated following established standards.

7. Risk Assessments

  • Routine Checks: Risk evaluations are done monthly, coinciding with updates.
  • Enhanced Security: Evaluation outcomes inform and refine our security strategies.

8. Incident Response

  • Prompt Action: Rapid response complemented by timely client communication.
  • Standardized Protocols: Adherence to prevalent industry incident response guidelines.

9. Updates and Patches

  • Regular Updates: Updates are released twice a month to maintain ongoing security.

10. Third-Party Services

  • Diligent Vetting: Comprehensive scrutiny of third-party privacy protocols.
  • Full Disclosure: A comprehensive list of our third-party alliances is available on our website.

11. Documentation

  • Comprehensive Resources: Detailed User Guides, Security Whitepapers, Privacy Policies, and FAQs are published on Folderit’s website.
  • GDPR Conformity: Our systems align with GDPR mandates.
  • Best Practices: We follow industry-recommended compliance practices.

Your trust is paramount to us. At Folderit, we are unwavering in our dedication to safeguarding electronic protected health information (ePHI) and upholding the highest security and privacy standards. To learn more about our HIPAA (sometimes mistakenly spelled HIPPA) compliance initiatives, we welcome you to get in touch or read our security document.