Citrix Systems acquired ShareFile during 2011 and the facility is provided as a proper file sharing, data synchronize, and cooperation facility for the healthcare division. It is extremely important for anybody thinking using it to study Citrix Fileshare and HIPAA Compliance.
It’s a safe data storage, file sharing and cooperation facility that allows big files to be easily transmitted within a firm, with distant employees, and with outer associates. The solution allows any approved individual to promptly get stowed documents through mobile devices and desktops.
For healthcare companies, this implies the result can be utilized to transmit big files like DICOM pictures with scientists, distant healthcare workforce, and BAs. The ShareFile patient gateway can also be utilized to transmit PHI to pertinent patients.
Citrix is pleased to finalize a BA contract with HIPAA protected organizations as well as their BAs that includes using FileShare, even though it’s the duty of the protected body to ensure that the solution is established properly and is used in a way that doesn’t break HIPAA Laws.
The solution satisfies HIPAA prerequisites for data safety, with proper access and certification measures. Users link to the resolution through an encoded safe SSL/TLS link and files are protected. The solution also lets encryption on portable appliances. An inspection track is kept with access records noting who got records, and for how long and application mistakes and happenings are also noted.
The protections included in the solution imply the solution adheres to HIPAA rules. Therefore, essentially, Citrix ShareFile can be considered as HIPAA conforming.
Several companies promote their facilities as HIPAA conforming, however, that doesn’t mean use doesn’t carry hazards. Software solution suppliers can just build in administrative and security measures that allow their solution to be utilized in a HIPAA conforming way. It’s the responsibility of users to make sure the solution is established correctly and HIPAA Laws are not broken.
To avoid HIPAA breaks happening:
- Be sure a BAA has been signed prior to the solution being utilized for syncing, storing, or transmitting ePHI.
- Protected organizations should finalize a risk examination to find any probable risks to the integrity, confidentiality, and availability of patient files.
- Make sure encryption is in place when transmitting documents to external organizations.
- Processes and policies (administrative safety measures) should be developed including the use of the solution and workforce should be educated.
- Authentication and access measures should set to confirm access to PHI to only those persons who are allowed to access data.
- Any PHI transmitting to external parties should be limited to the minimum required data for jobs to be completed.
- Proper security measures must be put in place on appliances to make sure that in case of loss or theft, the appliances can’t be used to get PHI.
Citrix provides training for protected organizations regarding HIPAA Laws, how they pertain to FileShare, and help to make sure HIPAA is adhered to while using the facility.