HIPAA Compliant Backup

How Zetta Helps You Stay HIPAA Compliant

Working with companies that comply with the Health Insurance Portability and Accountability Act (HIPAA) is a must for insurance and healthcare providers.

Zetta allows you to meet the rules and regulations set forth by HIPAA through a number of stringent security measures and data access controls.

image description

How Zetta Fits into Your HIPAA Compliant Backup Process

Zetta is a cloud-based data protection service that stores customer data. Zetta isn’t a healthcare provider, and we perform no processing of end-customer, HIPAA-regulated data. Zetta stores your encrypted data offsite, as required by HIPAA, in highly secured data centers, but all access to your data is controlled by your server administrators.

In addition, all backups and restores with Zetta are logged, and those logs are then immediately available to customers. HIPAA also requires periodic testing of backup and recovery plans – Zetta ensures this by cross verifying every 30 days versus customer data.

image description

Customer Agreement Contract Based on Federal Government Regulations

Zetta’s Customer Agreement Contract is based on standards set forth by the federal government. Data stored with Zetta is secure, allowing your organization to meet all compliance requirements as defined by HIPAA.

image description

HIPAA Business Associates Agreement

Zetta will sign a HIPAA business associates agreement (BAA) to demonstrate cloud backup regulatory compliance. The BAA is a required component of ensuring that you are HIPAA-compliant in your offsite backup storage.

image description

Strict Data Center Security Standards

Zetta’s data centers offer 2-factor authentication to add to security measures. The first level access is controlled by Zetta’s Security Management Team and is reviewed regularly. The second level is verified by a hosting company and is compared against an access list provided by Zetta. Once data is in the data center, access is granted only after valid identification has been provided and a bio-metric hand scan has been completed.

image description

Data Integrity and Recoverability

Organizations that are HIPAA compliant must securely store retrievable copies of their data. Zetta goes to great lengths to maintain customer data integrity. In addition, Zetta ensures that data is fully recoverable by re-evaluating the entire data set on a rolling 30 day basis for files that are untouched, as well as on every single read for files that are accessed.

image description

Data Encryption in Transit and at Rest

All data stored with Zetta is encrypted in transit and at rest. An SSL encryption suite is used in transit, and on disk AES-128-CCM is used on a per-volume basis with a unique key per volume.

If further encryption is desired, it would be implemented by your organization within your firewall prior to transmission to Zetta.

Want to learn more?

Give our recovery experts a call.

Get in Touch