- This article is for Carbonite Safe Backup Pro and Carbonite Safe Server Backup
The Health Insurance Portability and Accountability Act (HIPAA) was enacted by the U.S. Congress in 1996. HIPAA is designed to protect patients' medical records and other health information supplied to health plans, doctors, hospitals and other healthcare entities.
To help healthcare organizations comply with HIPAA, security standards have been created to help organizations protect personally identifiable health information. Compliance with HIPAA's administrative, physical and technical safeguards is imperative to the ongoing business operations of healthcare organizations.
The Carbonite Solution
Carbonite addresses HIPAA regulatory compliance requirements for our Carbonite Backup Pro customers by implementing administrative, physical and technical safeguards that ensure the confidentiality, integrity and security of your data:
- Offsite Backup for Disaster Recovery: Our products are a key component in any disaster recovery plan as protection against hardware failure, theft, virus attack, deletion and natural disaster.
- Encryption: Carbonite Safe Backup Pro and Carbonite Safe Server Backup data is encrypted on your computer. After that, your data is then sent over a securely encrypted TLS connection and remains encrypted while in transmission ("in-flight") and in storage ("at-rest"). While at the data centers, all backed up data remains encrypted.
- Secure Data Centers: Carbonite's data centers are physically secure with protective measures that restrict personal access using biometric scanners, electronic key cards, and PIN codes. Additionally, the location is guarded by onsite security officers 24 hours a day, 365 days a year.
- Massachusetts Data Security Compliance: Carbonite is compliant with the Massachusetts Data Security Regulation (201 CMR 17), widely considered the most stringent data protection statute in the nation because it prescribes actions for disclosing security breaches as well as robust prevention measures. All Carbonite customers, regardless of where they live, get the benefit of Carbonite's compliance with the Massachusetts Data Security Regulation.
- Business Associates Agreement: Carbonite's Business Associate Agreement (BAA) is based on the federal government’s standard, so you can rest easy knowing your backed up data is secure and meets Business Associate compliance requirements. To request a BAA, contact our sales team at 1-855-227-2249 or carb-CSA@opentext.com. Please make sure the email used for contact is an administrator in your Carbonite account for the quickest resolution time.