Launching a website for your business is easier than ever, with dozens of service providers offering a wide range of prices and features, including website builders that make designing a site as easy as dragging and dropping. Launching a website for a covered entity, however—including healthcare providers, health plans, and healthcare clearinghouses—is a more complicated endeavor. As our survey of some of the most popular webhosting companies revealed, most are not HIPAA compliant. Many expressly prohibit using their services to handle protected health information (PHI). Liquid Web has been around for more than 20 years. Are they willing and able to meet the requirements of the HIPAA Security Rule?
What is Liquid Web?
Based in Lansing, Michigan, Liquid Web was established in 1998 and today hosts over 1.5 million websites for over 45,000 customers around the world. The company is part of a "family of brands," which includes Nexcess, iThemes, and Interworx. The Liquid Web slogan is "The Most Helpful Humans In Hosting," and it touts its excellent rankings for customer satisfaction, including a high Net Promoter Score (NPS). When the company acquired Cloud Sites from Rackspace in 2016, it emphasized "devoted customer support" and its commitment to "delighting the customer."
What services does Liquid Web offer?
Liquid Web can provide virtual private servers (VPS), dedicated single-tenant traditional and cloud servers, as well as several managed platforms including WordPress, WooCommerce, and Magento. More robust services include database hosting, server clusters, distributed high-performance hosting, and multi-server high availability hosting. "We have a broad portfolio of products, built the way you want to buy and manage," Liquid Web says. "We can also custom build an Enterprise Hosting Solution."
Is Liquid Web HIPAA compliant?
Liquid Web is not unique in offering a full menu of services. But, unlike many of its peers, the company prominently advertises HIPAA compliant data centers and solutions. "In order to ensure our clients are protected, we have crafted compliant hosting solutions, making sure technical controls, backup management, safeguards and physical security policies are in place, all to verify that your data is secured to industry standards," the company explains. Liquid Web says it secures healthcare data in multiple ways, from fully managed and wholly-owned core data centers with locked server cabinets, to data encryption, offsite backups, and extensive administrative and physical safeguards. Most critically, Liquid Web is willing to sign a business associate agreement (BAA). Healthcare clients can choose from single or multiple server HIPAA hosting, with or without data encryption, with starting prices ranging from $343 to $687 a month.
Conclusion
When it comes to hosting a website, Liquid Web looks like a solid choice for covered entities, given its clear familiarity with HIPAA compliance requirements. However, its HIPAA product page does not mention email hosting, which not uncommonly is a separate service. Paubox provides HIPAA compliant email, which meets HIPAA encryption requirements out of the box, and helps mitigate human error, one of the most common reasons behind HIPAA violations.
Try Paubox Email Suite for FREE today.