April 5, 2016

    FTP Service Provider Compliance Considerations for Healthcare

    With the average cost of a data breach increasing exponentially with each passing year, to say that data security is important is something of an understatement. This is especially true in the world of healthcare, which is routinely the sector most often targeted by hackers and other cyber criminals. When you start researching FTP service providers for your healthcare organization, there are a few key compliance-related considerations that you NEED to make.


    The 3 Important FTP Service Provider Compliance Considerations for Healthcare Organizations

    Advanced Firewall Protection

    These days, simply having a firewall in place isn't enough to protect your healthcare organization from harm. For compliance-sensitive healthcare customers, any FTP provider should be able to automatically restrict incoming traffic to only those ports that are mission critical for the operation of certain services. Sharetru is an example of one provider that does exactly this in an effort to eliminate traffic that may be targeted at certain Web-based applications (which are common in healthcare) and at other known vulnerabilities that are waiting to be exploited.

    At Rest Encryption

    While HIPAA specifies that data to and from a healthcare organization should be encrypted while it is in transit, one thing that many people unfortunately do NOT think about until it's far too late is what happens when that data is at rest. If medical records are unencrypted either on the FTP server itself or on a user's hard drive, they're one data breach or intrusion attempt away from falling into the wrong hands.

    Sharetru offers both automated and transparent at-rest encryption to help prevent this from happening. Files are only automatically decrypted AFTER they have reached their destination and are actually in use; at all other times they are protected. You're still on your own to encrypt files on your own hard drive, though.

    Emergency Access

    HIPAA in particular also requires an emergency access procedure to be in place as part of a healthcare organization's standard access controls. Specifically, professionals need to be able to obtain electronic protected health records no matter what in the event of an emergency, even though other protection options are in place. Sharetru handles this by fully backing up data to a disaster recovery location in the event of a data-center-level disaster. This provides the ultimate in emergency access, even though a copy of the file may still be on the computer of the original person who uploaded it to the FTP site.

    These are just a few of the compliance-related safety and security features that any FTP service provider should be able to offer to your healthcare organization. Not only do they help you remain in good standing with HIPAA and other necessary industry regulations, but they also do the most important thing of all: help your employees, your clients, your business and ultimately yourself stay safe in a cyber-based world that is growing more and more dangerous with each passing day.


    Martin Horan

    Martin, Sharetru's Founder, brings deep expertise in secure file transfer and IT, driving market niche success through quality IT services.
