Medical Billing Forum

HIPAA => HIPAA => : PMRNC January 26, 2013, 02:07:48 PM

: Are you using DropBox?
: PMRNC January 26, 2013, 02:07:48 PM
I don't use Drop Box, but I know many who do.. well you might want to rethink it:

Is Dropbox HIPAA, FERPA, SAS 70, Safe Harbor, ISO 9001, ISO 27001,or PCI compliant?

« Back to Help Center

Dropbox complies with the U.S. – E.U. Safe Harbor Framework and the U.S. – Swiss Safe Harbor framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data from European Union member countries and Switzerland.

Unfortunately, Dropbox does not currently have HIPAA, FERPA, SAS 70, ISO 9001, ISO 27001, or PCI certifications. We'll update this page with any new certifications as we receive them.

https://www.dropbox.com/help/238/en
: Re: Are you using DropBox?
: Billergirlnyc January 27, 2013, 05:45:22 PM
Wait, people use Dropbox in the Healthcare field? The first thing anyone should be checking before using any cloud service is if they're equipped to handle the Healthcare field.
: Re: Are you using DropBox?
: PMRNC January 27, 2013, 06:13:40 PM
Yes, I've heard of people using them and other backup providers such as Carbonite.   I myself use Efax however they have a HIPAA security version to which they charge extra for. :)   
: Re: Are you using DropBox?
: Christy January 27, 2013, 06:21:07 PM
http://www.carbonite.com/en/Files/Carbonite-HIPAA-fact-sheet.pdf

what's wrong with Carbonite?
: Re: Are you using DropBox?
: Billergirlnyc January 27, 2013, 06:47:39 PM
That's crazy and very dangerous. Here is the thing there is a huge difference between a company saying they're HIPPA compliant and them willing to actually sign the BAA's with doctors, billing co's, insurance, etc. Meaning they're willing to shoulder the blame if their cloud service isn't up to snuff. I don't want just certification I want the BAA too. There are tons of company who are now doing this since Verizon and Microsoft now offer a BAA with their cloud services. Many weren't and still aren't and I personally stay away from them. We use Verizon's cloud service but plenty of my clients use Microsoft's.
: Re: Are you using DropBox?
: PMRNC January 27, 2013, 07:26:57 PM
Carbonite is fine, I was only using them as an example:   According to Carbonite they are HIPAA compliant:

Business Associates: A business associate agreement is not required with Carbonite. These agreements are between covered entities where there is a reasonable probability that protected health information can be accessed. The self-managed encryption key specifically blocks Carbonite from accessing backed up data.

I MIGHT ask them to sign a BAA anyway though.. just suggestion :)
: Re: Are you using DropBox?
: Christy January 27, 2013, 09:35:47 PM
:)  yep, I always sign BAAs!  you ladies rock!
: Re: Are you using DropBox?
: QueenAlicia March 11, 2013, 04:32:36 PM
I have been using Carbonite for a year now and Like it.
: Re: Are you using DropBox?
: davis.alexander July 10, 2013, 08:40:59 AM
Now I am using carbonite for backup. Previously I was using dropbox, but trust me carbonite is better .
: Re: Are you using DropBox?
: PMRNC July 10, 2013, 02:56:03 PM
I like Carbonite too. Every once in a while I go in and make sure it's doing it's "thang".  I keep all my clients files on a spare drive and do NOT have Carbonite back that up, rather I do that manually as it's just a layer of security to ease my own paranoia. If you are using any backup system online remember that you are backing up what you have, so let's say you have adware/spyware/malware on there.. guess what.. now it's on your backup AND out there. I have my system maintenance scheduled before my backkup JUST in case. I do full system scan (spyware, virus, etc) and then it runs backup.  Just thought I would add that.
: Re: Are you using DropBox?
: jessyp October 10, 2013, 08:35:58 AM
Yes, I have been using Carbonite
: Re: Are you using DropBox?
: BikhamHealthcare March 06, 2019, 08:16:06 PM
Carbonite  is very useful if you need to use it have all medical requirements
: Re: Are you using DropBox?
: medwave July 24, 2019, 02:46:29 PM
It's interesting that you bring this up, as I just had a discussion on using Trello for workflow = https://trello.com.

In case anyone is wondering, Trello doesn't seem to be HIPAA compliant: https://community.atlassian.com/t5/Trello-questions/Is-Trello-HIPAA-compliant/qaq-p/461876