Citrix Systems acquired ShareFile in 2011 and the facility is provided as a proper file sharing, data synchronization, and cooperation facility.
ShareFile was purchased by Citrix Systems in 2011 and the stage is promoted as appropriate information sync, record sharing, and joint effort apparatus for the medical care industry, however, is Citrix ShareFile HIPAA agreeable? Let’s see Is HIPAA Compliance and Citrix ShareFile? with Hitechthreats
What is Citrix ShareFile?
Citrix ShareFile is a safe document sharing, information stockpiling, and coordinated effort instrument that permits enormous records to be effectively shared inside an organization, with telecommuters, and with outside accomplices. The arrangement permits any approved individual to in flash access put away reports through work areas and cell phones.
For medical services associations, this implies the arrangement can be utilized to share enormous records, for example, DICOM pictures with scientists, far off medical care laborers, and business partners. The ShareFile understanding entry can likewise be utilized to impart PHI to patients.
Is Citrix ShareFile HIPAA Compliant?
Citrix will consent to a business partner arrangement with HIPAA included substances and its service relates that covers the utilization of FileShare, despite the fact that it is the duty of the covered element to guarantee that the arrangement is designed accurately and is utilized in a way that doesn’t disregard HIPAA Rules.
The arrangement fulfills HIPAA necessities for information security, with suitable access and verification controls. Clients interface with the arrangement by means of an encoded secure SSL/TLS association and information is ensured very still with AES 256-bit encryption. The arrangement additionally bolsters encryption on cell phones. A review trail is kept up with access logs recording who got to documents, when, and for how long and application blunders and occasions are likewise logged.
So is Citrix ShareFile HIPAA agreeable? The shields joined into the arrangement mean the arrangement does underpin HIPAA consistency.
Where HIPAA Covered Entities Must Exercise Caution
Numerous organizations publicize their foundation and programming as HIPAA agreeable, yet that doesn’t mean use doesn’t convey hazards. Programming arrangement suppliers can just form in security and managerial controls that permit their answer to be utilized in a HIPAA consistent way. It is the obligation of clients to ensure the arrangement is designed accurately and HIPAA Rules are not disregarded.
To dodge HIPAA infringement:
Guarantee a business partner understanding has been acquired preceding the arrangement being utilized for putting away, matching up, or sharing ePHI
Covered substances should play out a dangerous investigation to decide any likely dangers to the secrecy, honesty, and accessibility of PHI
Guarantee encryption is utilized when sending records to outsiders
Arrangements and systems (authoritative shields) should be created covering the utilization of the arrangement and staff should be prepared
Access and verification controls should be set to confine admittance to PHI to just those people who are approved to get to data
Any PHI imparted to outsiders should be restricted to the base fundamental information for undertakings to be performed
Suitable security controls should be executed on gadgets to guarantee that in the event of burglary or misfortune, the gadgets can’t be utilized to access PHI
Citrix offers direction for covered elements on parts of HIPAA Rules, how they apply to FileShare, and help to guarantee HIPAA consistency while utilizing the stage.