HIPAA Business associate Agreement (bAA)
Last Updated: September 7, 2021
Under the U.S. Health Insurance Portability and Accountability Act of 1996, a HIPAA business associate agreement (BAA) is a contract between a HIPAA covered entity and a HIPAA business associate (BA) or downstream business associate. The contract protects personal health information (PHI) in accordance with HIPAA guidelines.
FileShadow Accounts and BAA configuration
A BAA needs to be in place for covered entities or business associates that wish to place PHI on the platform but no manual configuration needs to occur to enable feature enhancements.
FileShadow’s HIPAA offering allows users to leverage the FileShadow platform, while still maintaining privacy, security, and compliance.
By default all security features are enabled and cannot be disabled either systemically or individually by either the end user or FileShadow employees. Features include:
- All files stored in the FileShadow cloud are individually encrypted using Advanced Encryption Standard (AES)
- All PHI information is stored on drives that are encrypted at rest
- All data in motion is encrypted at the application layer
- All third party business associates of FileShadow are HIPAA compliant including:
- Customer Support chat communications
- Employee support communications with FileShadow server infrastructure
- Long and short term storage facilities
- Content and tag search systems
- Content classification systems
For information on how to have a BAA signed with FileShadow, please contact firstname.lastname@example.org.