Continuous Data Protection (CDP)

HIPAA Compliance

Webiness recognizes that Covered Entities - Health Care Providers, Payers, and Clearing Houses must make every reasonable effort to be HIPAA compliant with regards to the Privacy and Security of Protected Health Information (PHI).

Being an applicable entity to compliances is commonly misunderstood. In the case of HIPAA you must be compliant if your entity is a healthcare provider, healthcare payer, or provide healthcare billing services. Yet ultimately any entities that handle individually identifiable health records must be compliant with HIPAA regulations.

A few key points as they relate to HIPAA regulations:

  • Covered entities can store risk analysis documents encrypted using our CDP product.
  • Our CDP product meets all security requirements; including end-to-end strong encryption. Our CDP product can be managed by a backup service provider without requiring access to the encryption key that protects healthcare data.
  • All backup and restore activity is logged.
  • Passwords and encryption keys can be changed if an authorized covered entities member or members are terminated.
  • Ability to grant and modify user access, user access protected with passwords.
  • The CDP agent is protected with RSA key authentication and the CDP server automatically ends sessions after completing backup operations.
  • Our CDP software has an automated process for backup frequency, and data retention. This makes it easy for covered entities to have a HIPAA compliant data backup and contingency plan.
  • Bare-metal disaster recovery meets and exceeds HIPAA disaster recovery requirements.
  • Our CDP product provides adequate help to entities that must comply with the HIPAA Compliance regulations although we are not deemed covered entities as defined by current regulations.

Lastly, because there are no regulations or rules which address backup software in specific we do not make any claims that we are fully HIPAA compliant, although we meet and exceed most of the measures needed to have full HIPAA compliancy. If there is anything we can do to help you reach compliancy while using our software in any way, let us know.

Related Links

Overview of HIPAA
Are you a HIPAA "entity"?

HIPAA Resources
Health Care Information Technology Yellow Pages
US Department of Health & Human Services

HIPAA Guidance Document 45 CFR Parts 160 & 164
HIPAA Glossary

HIPAA Standards
WEDI Workgroup for Electronic Document Interchange
SNIP Strategic National Implementation Process
HL7 Standards
SNOMED Systematized Nomenclature of Medicine Reference Terminology

State Hospital Associations
American Hospital Association (AHA)
American Association of Health Plans
American Health Information Management Association
Healthcare Information and Management Systems Society (HIMSS)

All information presented on this page is an overview of how our software relates to HIPAA Compliancy. Webiness and its entities do not give legal advice on this information. Please consult with your legal counsel if you have questions about your specific situation.