Image Image Image Image Image Image Image Image Image

HIPAA Compliance & Security

  • Top Tier File Share uses Citrix ShareFile to ensure the highest quality of encryption security for your PHI data, and HIPAA compliance.

    ShareFile independently certified as “HIPAA Compliant”. Citrix ShareFile has earned the “HIPAA Compliant” seal from Sword & Shield.
    The seal affirms that, according to Sword & Shield Enterprise Security’s independent assessment, ShareFile has implemented the necessary security measures to safeguard Electronic Protected Health Information (ePHI).

    ShareFile handles the encryption and decryption of all files, including those containing PHI. Customers can, at their discretion, also encrypt les prior to uploading. If a customer chooses to do this, ShareFile will still auto- matically encrypt les a second time. ShareFile uploads and downloads les between the end user and the storage tier directly over a Secure Socket Layer (SSL)
    or Transport Layer Security (TLS) encrypted segment using high-grade encryption with no less than 128-bit
    key strength. ShareFile supports SSL 3.0 and TLS, which are the same encryption protocols and algorithms used by e-commerce services and online banking. ShareFile also stores all les at rest using the Advanced Encryption Standard (AES) with a 256-bit key. Additionally, custom- ers can con gure multiple mobile device controls, such as requiring users to enter a passcode to encrypt ShareFile content on mobile devices.

    Physical safeguards
    The ShareFile SaaS application and storage tier are hosted by industry-leading providers in geographically separate SSAE 16 accredited datacenters. Measures are in place to prevent unauthorized persons from gaining access to data-processing equipment, such as tele- phones, database and application servers, and related hardware, where PHI may be processed or stored.
    These measures include:
    + establishing secure areas
    + protecting and restricting access paths
    + securing data-processing equipment and personal computers
    + establishing and documenting access authorizations for employees and third parties
    + placing regulations and restrictions on card-keys
    + restricting physical access to servers by using electronically-locked doors and separate cages within co-location facilities
    + logging, monitoring, auditing and tracking all access to datacenters where PHI is hosted via electronic surveillance conducted by security personnel
    For suitable levels of redundancy, ShareFile main- tains multiple servers in its primary datacenter and deploys a mirrored environment at a geographically separate datacenter.

    Integrity controls
    To help ensure that PHI has not been altered or destroyed in transit or at rest, ShareFile uses industry- accepted hashing algorithms to verify le integrity during le upload and download. Customers are encouraged to adopt and use folder and re-naming policies and conventions to further protect PHI stored in ShareFile.

  • ShareFile independently certified as “HIPAA Compliant”

    Top Tier File Share is powered by Citrix ShareFile that has earned the “HIPAA Compliant” seal from Sword & Shield. The seal affirms that, according to Sword & Shield Enterprise Security’s independent assessment, ShareFile has implemented the necessary security measures to safeguard Electronic Protected Health Information (ePHI).

    Citrix® ShareFile systems have been assessed by Sword & Shield Enterprise Security and has achieved compliant status under Sword & Shield’s HIPAA Compliance Program (HCP). The HCP compliant status assures that at the time the compliance shield was issued, Sword & Shield attests that Citrix® ShareFile has implemented the necessary security measures to safeguard protected health information (PHI) and electronic protected health information (ePHI) as required by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Health Information Technology for Economic and Clinical Health (HITECH) Act.

    Support HIPAA compliance, boost security and mobilize data access
    Top Tier File Share is a secure, using Citrix Sharefile, enterprise-grade, HIPAA-compliant data sync and sharing service that allows IT to mobilize all enterprise data and empower user productivity, built for the healthcare industry. ShareFile, designed to safeguard PHI, allows users to send and receive confidential files with encryption to maintain HIPAA compliance. It prevents information leaks, security breaches, increases mobile productivity and user collaboration. ShareFile offers advanced security features for IT, flexible storage options, and integrations to existing network shares and ECM systems. In addition, unlike competitors, ShareFile’s innovative StorageZones technology lets customers choose where to store data – on premises, in a secure dedicated healthcare cloud or a combination – to meet specific data sovereignty, compliance, and performance requirements.