HIPAA-compliant workflow

On our Enterprise plan, Uploadcare can be configured to support HIPAA-compliant workflow. Read on to learn all the details.

Background

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a U.S. federal law that requires privacy and security protections for protected health information (PHI). If you’re a covered entity or business associate subject to HIPAA, Uploadcare can be configured to support PHI within secure uploading, storing, processing, and delivering files.

When a covered entity or business associate has executed a Business Associate Agreement with Uploadcare, Uploadcare is deemed a business associate.

Requirements and limitations

Before Uploadcare can support your HIPAA compliance, you must review and agree to implement the guidelines in our Requirements for HIPAA Entities. Please note the following:

  • You must be using the Uploadcare Enterprise plan.
  • You must execute a Business Associate Agreement.
  • You must authorize delivery of uploaded files with Signed URLs for your HIPAA compliant Uploadcare accounts.
  • You must use two-factor authentication for anybody who has access to your Uploadcare account.
  • You must not use Video Processing or Document Conversion features with a HIPAA compliant Uploadcare accounts.
  • You must configure a backup.

Check out our HIPAA guide.

Request more information

If you’d like to learn more about Uploadcare and HIPAA, get in touch with us. We’re happy to provide you with more information.