HIPAA Compliance with WebDrive

HIPAA Compliance

WebDrive offers HIPAA-compliant secure access and collaboration without requiring users to learn a new application. Install WebDrive on all computers with access to patient data on the server.

To set up a server, you will select a server profile. Each profile has different security standards.


SFTP servers are preferred for HIPAA compliance, as they meet all of the requirements by default. This protocol is fast, preserves the security of the server’s firewall by creating fewer openings during file transfer, and allows more advanced password coding, including support for the use of SSH host keys.


If you choose to connect through FTPS, WebDrive will need to be configured to meet HIPAA regulations. Create a new site by clicking the New button at the top left of the WebDrive window and changing the following settings:

  1. Select “TLS v.1.0 ‘Auth TLS’” or “TLS v1.0 Implicit” from the Security Type dropdown menu.
  2. Check that “Secure data channel (PROT P)” is enabled.
  3. Click the “Advanced Settings” button, navigate to FTP Settings under General Settings in the new window, and select either “S/Key MD4” or “S/Key MD5” and from the Password Encode dropdown menu.