HIPAA Compliance

Customers in the US healthcare industry require HIPAA compliant confidentiality and security when handling protected data. Maytech simply provides an electronic delivery service (not a data processing service), so we are not a HIPAA Covered Entity, nor a Business Associate for HIPAA purposes.

FTP-Stream offers strong security and data integrity to businesses and public services worldwide who are able to incorporate it into their secure, HIPAA-compliant workflows.

How Maytech’s FTP-Stream Helps You Become HIPAA Compliant

  • Physical Security – Maytech facilities are located at Tier 3 data centres which benefit from strong physical and electronic security, access logs, uninterruptible power and fire suppressant systems.
  • Firewalls – Maytech’s networks are protected by a stateful packet inspection firewalls. All ports, other than those required for the provision of service are closed.
  • Operating Systems – FTP-Stream runs on Linux, widely accepted as the world’s most secure operating system. Updates and security patches are applied daily.
  • Customer Access – access to FTP-Stream servers is restricted to the supported FTP-Stream protocols, we do not offer access over SSH or telnet. All sessions are automatically terminated after five minutes inactivity.
  • Encryption – customers log in to the control panel over HTTPS, ensuring that traffic is therefore always encrypted. Our optional Encryptions module provides further security using SFTP, HTTPS or FTPS.
  • Password Policy – with the optional Enhanced Security module you can set a password policy wherein users can / cannot change their passwords, must change their passwords on first login, must periodically change their passwords and must use strong passwords.
  • Data Integrity – our servers are XCRC enabled. This is a protocol supported by FTP client software, providing a cyclic redundancy check to ensure that data has not been corrupted in transfer.
  • Confidentiality – each customer account operates in a discrete file system and each login is jailed to their home folder with no visibility outside - unless granted permission by ADMIN.
  • Granular Permissions – FTP-Stream offers detailed control over access, file and folder permissions for each user.
  • Data Persistence and Backups – Maytech provides a high-availability service with significant redundancy in all critical resources. Hourly snapshots (backups) are retained and available to customers to restore deleted or overwritten files for 12 weeks. We do not keep permanent or incremental backups of customer FTP data and there are no persistent copies of customer data.

Talk to Maytech about HIPAA compliant file transfer today

We can help your organisation to meet security regulations and optimise workflows. Start your free trial online today.