As required by HIPAA’s Security Rule, all data must be encrypted, at minimum when in transport. What this means to you is that your backups must be encrypted beforeuploading to a cloud service. Additionally, when local backup media such as hard drives or USB drives are used, either hardware or software encryption must be in place. Consider a non-encrypted hard drive backup that is taken off-site at the end of the day: misplacing this drive or having it stolen results in breach of your entire practice. dmi Networking recommends deploying encrypted cloud backup as well as hardware encrypted drives for local backup. This assures that data is recoverable quickly, complies with HIPAA rules for network security.
← Frequently Asked Questions