HIPAA Compliance Sheet for FTP Site

1. Our servers are located in a highly secure data center, thereby making it impossible for equipment (such as a hard drive containing medical data) to be stolen.

2. No copies of your files reside on any off-site or long-term storage media. We only backup your data nightly for disaster recovery purposes. No tapes are used and this data never leaves the building. In addition, backups are overwritten the next day.

3. We do not host on the Windows server platform, as those servers are constantly under attack and much more vulnerable.

4. Our servers do not accept Anonymous-FTP connections, the most common hacker method of seeking out an FTP site for possible attack.

5. We proactively monitor and react to intrusion attempts into our systems through the use of a sophisticated Intrusion Detection System (IDS) and multiple operating system level security tools.

6. NHPN will provide an unique username and password. FTP username and password is required.

7. We offer the use of 128-bit transfer encryption via two industry-standard methods -- HTTPS and FTPS.
Important Note - It is suggested that your users exclusively connect via one of the above methods supporting encryption.

To Login to our Secure and HIPAA Compliant FTP Transfer Site you need the directions sent to you.