-
-
HIPAA Support
-
This content has been machine translated dynamically.
Dieser Inhalt ist eine maschinelle Übersetzung, die dynamisch erstellt wurde. (Haftungsausschluss)
Cet article a été traduit automatiquement de manière dynamique. (Clause de non responsabilité)
Este artículo lo ha traducido una máquina de forma dinámica. (Aviso legal)
此内容已经过机器动态翻译。 放弃
このコンテンツは動的に機械翻訳されています。免責事項
이 콘텐츠는 동적으로 기계 번역되었습니다. 책임 부인
Este texto foi traduzido automaticamente. (Aviso legal)
Questo contenuto è stato tradotto dinamicamente con traduzione automatica.(Esclusione di responsabilità))
This article has been machine translated.
Dieser Artikel wurde maschinell übersetzt. (Haftungsausschluss)
Ce article a été traduit automatiquement. (Clause de non responsabilité)
Este artículo ha sido traducido automáticamente. (Aviso legal)
この記事は機械翻訳されています.免責事項
이 기사는 기계 번역되었습니다.책임 부인
Este artigo foi traduzido automaticamente.(Aviso legal)
这篇文章已经过机器翻译.放弃
Questo articolo è stato tradotto automaticamente.(Esclusione di responsabilità))
Translation failed!
HIPAA Support
Overview
Important:
For HIPAA Audit Reports and Compliance, visit the ShareFile Trust Center for more information.
The Health Insurance Portability and Accountability Act of 1996, or “HIPAA,” is a U.S. federal law that required the creation of national standards to protect patient health information. This includes, for example, obligations around the confidentiality and security of such data.
Cloud Software Group, Inc. (“ShareFile”) supports these obligations when storing and sharing data, and provides various tools to supplement a customer’s compliance efforts under HIPAA. However, it is the customer’s responsibilty to configure and operate its ShareFile environment appropriately. Additionally, ShareFile is not a substitute for a customer’s broader compliance obligations. Customers must have their own an adequate HIPAA program, along with appropriate processes and controls to ensure compliance throughout their organization.
Adding ShareFile with HIPAA Support
ShareFile with HIPAA support is available only with a ShareFile Premium, VDR, Industry Advantage Account. Additionally, customers must accept the ShareFile Business Associate Agreement (BAA). In such case, ShareFile operates as a “Business Associate” of customer, generally a “Covered Entity.” For more information on these roles, visit The U.S. Dept. of Health and Human Services.
Accepting the Business Associate Agreement
New accounts
A ShareFile customer’s administrator can enable HIPAA and accept the BAA by following the given steps below:
-
Login to ShareFile Account. Then go to Settings > Admin Settings > Admin Overview.
-
From the Admin Overview, select Enable HIPAA and the Warning and Notes page is displayed.
-
Click the Checkbox to enable the option BAA and click the Enable button to continue.
-
The Success message is displayed on the top right corner.
Existing accounts
Once a ShareFile account is converted to a Premium, VDR or an Industry Advantage Account with HIPAA support, administrators can click on Admin Setting -> Admin Overview page, within their ShareFile account. A statement regarding BAA acceptance will be highlighted where the BAA can be reviewed and accepted directly within the account.
Administrators can access and review their executed ShareFile BAA at any time via the same Admin Overview page.
HIPAA Features
Upon in-product acceptance of the ShareFile BAA, customers can immediately feel confident using ShareFile to process protected health information (PHI) in the HIPAA-supported version of their ShareFile account. Not only do world-class security measures come standard in our products, ShareFIle also automatically adjusts various features to help support customer’s enhanced obligations under HIPAA.
-
Public share links - To prevent customers from inadvertently sharing PHI publicly, this feature is disabled. Administrators may enable this feature.
-
Co-edit with Microsoft - This feature requires customer data to be transferred to your Microsoft environment. ShareFile does not have an agreement with Microsoft and cannot control what happens to your data once it leaves ShareFile’s system. Administrators may enable this feature.
-
3rd Party integrations and connectors - This feature requires customer data to be transferred to your environment which is hosted by a third party provider of the integration or connector. ShareFile does not have an agreement any third party providers of integrations or connectors, and cannot control what happens to your data once it leaves ShareFile’s system. Administrators may enable this feature.
-
Notifications - Activity notifications (view/download/upload) will not include the file name went sent via email. This is to prevent sharing of PHI that may be inadvertently contained in a file name. Such notifications will include the file type extension (ex: .doc, .pdf)
Additionally, the following products are not supported for HIPAA product plans:
-
On Prem or “Self-hosted” - ShareFile does not have access to PHI when customers deploy an on-premises version of the product. For this reason, ShareFile cannot act a business associate of the customer.
-
Customer Managed Encryption Key for Cloud Storage - ShareFile does not have direct access to PHI where product encryption keys are maintained by the customer. For this reason, ShareFile cannot act a business associate of the customer.
-
Request Lists - This feature is not currently supported for HIPAA accounts.
-
Custom Workflows - This feature is not currently supported for HIPAA accounts.
Share
Share
This Preview product documentation is Citrix Confidential.
You agree to hold this documentation confidential pursuant to the terms of your Citrix Beta/Tech Preview Agreement.
The development, release and timing of any features or functionality described in the Preview documentation remains at our sole discretion and are subject to change without notice or consultation.
The documentation is for informational purposes only and is not a commitment, promise or legal obligation to deliver any material, code or functionality and should not be relied upon in making Citrix product purchase decisions.
If you do not agree, select I DO NOT AGREE to exit.