HIPAA Compliance

WebDrive offers HIPAA-compliant secure access and collaboration without requiring users to learn a new application. Install WebDrive on all computers with access to patient data on the server.

To set up a server, you will select a server profile. Each profile has different security standards.

SFTP

SFTP servers are preferred for HIPAA compliance, as they meet all of the requirements by default. This protocol is fast, preserves the security of the server’s firewall by creating fewer openings during file transfer, and allows more advanced password coding, including support for the use of SSH host keys.

FTPS

Ensure that both the server and WebDrive support TLS 1.1, TLS 1.2, and/or TLS 1.3. TLS 1.0 and previous (SSL 3.0 and older) are no longer secure.

1.   Launch WebDrive

2.   Click on the “Settings” icon and ensure that “Show Advanced Settings” is turned on

3.   Select your FTPS site and click the “Edit” icon

4.   Click on “Advanced” and then notice the checkboxes to choose which TLS versions are enabled. Ensure you have only TLS 1.3, TLS 1.2, and/or TLS 1.1 enabled