The Health Insurance Portability and Accountability Act of 1996 (HIPAA) applies to health care providers, health insurers, and health care clearing houses that store patient data electronically (Covered Entities). Online Backup service providers are not Covered Entities as defined by HIPAA. However, HIPAA does specify that Covered Entities must have data security standards ( the "Security Rule"). The Security Rule requires Covered Entities to have a Data Backup Plan and a Disaster Recovery Plan.
In addition to the Security Rule and it's Data Backup and Recovery requirements, HIPAA also requires that Covered Entities must implement certain technical safeguards which include the encryption of data. Since Rhinoback strongly encrypts data with the Advanced Encryption Standard (AES) before it leaves the clients computer, and stores the data in encrypted form at all times, Rhinoback provides an excellent capability for Covered Entities to meet these requirements.
There is no HIPAA certification for backup services, however, Rhinoback services provide Covered Entities with the privacy, encryption, and data backup capabilities they need to meet HIPAA compliance requirements.