The Health Insurance Portability and Accountability Act of 1996 (HIPAA) outlines the minimum standards that need to be met to ensure the confidentiality, privacy, and security of health care information in the Internet environment. HIPAA requires that all health related data transferred over the Internet be done using industry standard encryption protection.
Cerberus FTP Server can meet this requirement, as well as provide the necessary access controls to ensure that data is not accessed by unauthorized users. Cerberus FTP Server is configured by default to require a minimum 128-bit encryption on all connections to ensure that data in motion is always protected. Information can be further protected by enabling Cerberus FTP Server’s FIPS 140-2 encryption mode (required by HHS guidelines to comply with the HITECH act’s data breach notification mandate).
Cerberus also provides full logging and auditing of all file activity. Access control can be fully configured per user, password policy restrictions enforced, and each user can be assigned individual, distinct home directories.
Cerberus FTP Server provides all of the tools necessary to allow you to operate your own HIPPA compliant file transfer system.
You can find more information on HIPAA requirements at http://www.hipaa.org/.