HIPAA compliant Cloud Storage for Healthcare and Medical | CloudDip

HIPAA compliant Cloud Storage - OffSite Image Backup

CloudDip offers cloud storage solutions that can help your healthcare organization or medical practice save money and efficiently store important medical images in secure offsite storage while staying in compliance with HIPAA regulations. Our cloud storage solution, designed specifically for healthcare clients, complies with the HIPAA Final Security Rule.

Our Cloud Storage and HIPAA compliance

The HIPAA Final Security Rule consists of 3 areas: administrative, physical, and technical. CloudDip cloud storage solutions for healthcare have all of the appropriate technical security mechanisms to protect the data that is transmitted to and from our data centers. CloudDip encrypts all data using 256-bit AES. Approved by the NSA (National Security Agency), AES is the U.S. Federal standard for encryption as defined by the National Institute of Standards and Technology (NIST). Using TrueCrypt, we help healthcare and medical organizations encrypt all data at source, then maintain the encryption in flight and at destination. This is sufficient to help IT professionals comply with the Final Security Rule.

As of today, there is no HIPAA "compliance certification" for backup applications and online storage vendors. So, no software service can claim to be fully "HIPAA compliant," since there is no official certification available from a governing body. However, by complying with the specific titles of HIPAA that relate to technology, we can help you be in compliance, while saving costs on your offsite image storage for x-rays, MRIs, etc.

Understanding HIPAA

The Health Insurance Portability and Accountability Act (HIPAA) was enacted by the U.S. Congress in 1996. Title I of HIPAA protects health insurance coverage for workers and families when they change or lose their jobs. Title II of HIPAA, known as the Administrative Simplification, requires the establishment of national standards for electronic health care transactions and also addresses the security and privacy of health data.

Due to the complexity of HIPAA, there has always been a great deal of confusion about how it applies and who is required to comply. Organizations that are required to comply with HIPAA fall into 2 categories. The first category consists of "Covered Entities." (Example: Health insurance companies, clearinghouses, health care providers, etc. who transmit health information in electronic form.)

The second category consists of the "Business Associates who serve Covered Entities". (Example: Billing, claims processing, etc. A company or individual whose services involve the use or disclosure of individually identifiable health information.) Cloud Storage vendors are NOT considered Business Associates since their functions or services do NOT involve the use or disclosure of protected health information (PHI). Therefore, they are not governed by the HIPAA Privacy Rule.

Organizations in the first category (covered entities) need to comply with HIPAA, and the services offered by cloud storage vendors fall within the Final Security Rule. So it is important to choose a cloud storage vendor that understands and offers a secure storage solution.

To learn more about HIPAA Titles and Cloud Storage, download our Whitepaper (PDF).

Better Value and Efficiency

Imagine your healthcare organization can enjoy:

  • Secure 256-bit encrypted transmission of your data and images.
  • Secure 256-bit AES encrypted storage of your data and images.
  • Password protected storage giving access only to your authorized hospital staff and doctors.
  • Scalability and unlimited storage features, while remaining affordable.

Many medical practices and healthcare providers are moving to cloud based storage technology to save money. Are you ready?

Interested to learn more?

Contact a HIPAA Cloud Storage expert