Covered entities often find themselves needing to save every email they send and receive. But storing this much data can put a huge strain on servers. That's why some companies start to look at data backup. This enables companies to use different servers to store their emails and free up their on-site servers. However, not all data backups meet HIPAA standards. Let's review Backupify and determine if this is a HIPAA compliant option.
What is Backupify?
Backupify is a cloud-to-cloud data backup. It makes it easy to store and recover emails, files, and more. Backupify makes it easier to prevent data loss since it's easy to retrieve the data you backed up with its product.
Backupify and the business associate agreement
The business associate agreement (BAA) is a non-negotiable need for covered entities to work with third-party vendors that interact with protected health information (PHI) . Vendors like this are known as business associates . The HIPAA Security Rule says that business associates have as much responsibility as covered entities to protect PHI from unauthorized users. The BAA ensures that a business associate is using the necessary safeguards to keep PHI secure. Since emails often contain PHI, data backup companies like Backupify will need to sign a BAA with the covered entity. According to its Terms of Use , Backupify doesn't automatically include a BAA when you start using the product. You'll need to contact the company and agree to a separate BAA.
SEE MORE: Understanding and Implementing HIPAA Rules
Backupify and data security
Backupify meets the minimum requirements for HIPAA-related security. Some of the ways Backupify protects data include:
- Encryption during transit and at rest in the cloud
- Data stored in co-location facilities
- Regularly tests system for vulnerabilities
Is Backupify HIPAA compliant?
Yes, Backupify can be HIPAA compliant. A covered entity will need Backupify to sign a BAA before working with its product. It's also up to the covered entity to ensure that Backupify's settings are configured to meet HIPAA compliance standards.
Consider Paubox email archiving instead of data backup
Paubox Email Suite Premium is the solution you need if you want to back up emails and send HIPAA compliant email with the same software. It has email archiving features that will store emails and attachments in the cloud. All emails are searchable and make it easier to find specific emails. Our Premium plan level also comes with inbound email security to protect you from ransomware, email phishing and other threats, as well as data loss prevention (DLP) to prevent employees from accidentally or maliciously sharing sensitive information outside a corporate network. Paubox Email Suite also lets you send encrypted emails directly to your patients' inbox. You won't ever have to use client portals or third-party apps to talk to your patients again. It's also easy for your employees to use since it can seamlessly integrate with Google Workspace or Microsoft 365 . You can trust us to protect your emails and PHI. Paubox is HITRUST CSF certified , and every plan automatically includes a BAA.
Subscribe to Paubox Weekly
Every Friday we'll bring you the most important news from Paubox. Our aim is to make you smarter, faster.