HIPAA Compliance – Box File Storage
HIPAA Compliance - Box.com | CloudAlly
Try our Backup Interactive Product Tour

HIPAA Compliance – Box 

HiPAA Compliance – The electronic age has made it easier for doctor’s offices and hospitals to store patient information is box.com hipaa compliantwithout much paperwork. They do, however, must adhere to special regulations concerning the storage of that data. These rules are known as the Health Insurance Portability and Accountability Act, or HIPAA, and the Health Information Technology for Economic and Clinical Health, better known as HITECH.

Cloud computing is becoming more prevalent. It is imperative for business which collects sensitive information to use a cloud service provider which adheres to HIPAA and HITECH. Box  is a leader as a commercial cloud provider. Is Box .com HIPAA compliant?


What this article is about:


How Does Box Meet HIPAA Compliance Standards?

Box is considered HIPAA compliance standards. For Enterprise and Elite accounts needing HIPAA protection, Box signs business associate agreement, BAA, when they ask for it. Any BAA required should be signed before the customer begins storing sensitive information within their cloud account.

While there is no official certification process, Box’s features ensure that protected health information stays safe in the cloud. This provider not only encrypts data as it is transferred from hard drive to cloud, and the cloud to the hard disk, but it remains encrypted while on their servers.

Additionally, Box restricts access to the physical server farms where the information resides. The company also uses strict logical system access controls to maintain security.

Consumers have administrative controls to help govern their data. Administrators choose which of the following their employee can access:

  • Download
  • Read
  • Edit
  • Lock documents
  • Password protect files

Administrators can monitor access to data seeing who accessed them, shared them, or edited them. Audits also report the account activities for not only content but users alike. Administrators can also use this area to train employees on different security controls and policies.

Box – HIPAA Compliance, to Extent

Like all online service providing HIPAA compliance,