How can FileCloud help to achieve HIPAA Compliance?

March 2, 2014

By recording, every action with What, When, Who and How attributes FileCloud gives you the best possible audit data for your compliance. One can also export the logs for further review periodically.

The HIPAA or Health Insurance Portability and Accountability Act is an act passed by the United States of America, signed by President Bill Clinton in 1996. It was two parts- Title I and Title II. Title I protects health insurance coverage for workers and families when they change or lose their jobs. Title II defines the guidelines and procedures for maintaining the privacy and security of individually identifiable health information. Ever since the act was enforced, it is mandatory for organizations in the healthcare industry to follow such standards.

In short, the HIPAA sets the standards for protecting sensitive patient data. Although employees within your own organization have the ability to access and work on the files present in your network, HIPAA requires that you provide an audit control to record and examine their activity. HIPAA also requires that you encrypt and store the data and decrypt it whenever required.  If you want to use a file sharing service with HIPAA compliance, the guidelines that are discussed here must be followed. FileCloud helps you in following the guidelines set by HIPAA automatically!

FileCloud meets the file sharing requirements of Healthcare organizations. FileCloud supports HIPAA compliance by providing encryption in transit and at rest, detailed activity logs (what, when, who, where and how), integration with existing network shares, powerful admin tools, and reporting, data leak prevention, device management, drive app, and single sign-on capabilities.

Read more about it here

FileCloud monitors and stores every action that is performed by the users. It mentions a proper audit trail which can be accessed by the admin. As evident from the following screenshot, you can check that Audit records can be seen at the bottom right corner.

FileCloud Dash

Although the audit trail is enabled by default, you can change this setting in the admin settings. First, log in to your admin account and then go to settings. Select the ‘Admin’ tab and scroll down to the Audit Logging Level setting at the bottom.

FileCloud Audit

As explained in the settings, you can select three values for the Audit logging level. You can set it to OFF to disable Audit Logging altogether. You can set it to REQUEST to log all incoming requests by your users and their results. Thirdly, you can set it to FULL to make sure complete requests and responses are stored.

FileCloud audit logs record some standard data. It is listed below.

To view the audit trail, you can select ‘Audit’ on the left panel of the admin dashboard under Misc. According to the Audit Logging Level, the recorded data is shown.

FileCloud Log

In this example, we have used the REQUEST logging level, which means that all incoming requests and their results are logged. You can filter the audit logs too according to your needs.  In order to check the encryption, if you use https in your server, it should encrypt and decrypt the data on the fly.

Explanation with an example

Michael Domingo, Executive Editor of puts it briefly- "It can be difficult to know what changed when it changed, and who changed it. Add regulatory compliance and you'll need to hire a full crew to keep up the changes over time." Let us understand that with an example.

By recording, every action with What, When, Who and How attributes  FileCloud gives you the best possible audit data for your compliance.  One can also export the logs for further review periodically.

We hope that this post helped how Tonido FileCloud can help you with your HIPAA compliance. If you are an organization in the healthcare industry, you must know that it is completely safe to use FileCloud for your needs.

By Team FileCloud