HIPAA compliant cloud solutions

Helping digital health companies achieve safety and regulatory compliance
in the cloud environment

Do you need a HIPAA compliant cloud infrastructure for your application?

Cloud service providers manage security "of the cloud" leaving security "in the cloud" to be managed by the customer. We help you close this gap. We help you ensure confidentiality, integrity and availability of ePHI in your cloud environment.

Get HIPAA Cloud

Is your mobile or web application subject to HIPAA?


Schedule a free consultation to find out.
 

Contact us

Case study: Web application and infrastructure upgrade for HIPAA compliance

Problem description: remote patients monitoring company uses custom web application for keeping internal records. Initial audit revealed following critical issues:

  • PHI is not encrypted in transit
  • PHI is not encrypted at rest
  • application API is vulnerable due to token processing bug
  • user passwords strength is not verified

Implemented solution: combines application improvement and infrastructure aspects. Following measures recommended and implemented by Dekses:

  • migration to AWS (including VPC, VPN, encryption)
  • use only HTTPS to access the application
  • new API token handling schema based on JWT standard
  • secure password policies
  • rework of the logging subsystem in order to provide better audit controls

As result company's application and cloud infrastructure became HIPAA compliant and unlocked more business growth opportunities. If you think your business might be in a similar situation, contact us to schedule a free consultation.

How Dekses helps you get HIPAA compliant

Keep patients' medical information from loss, theft or corruption

Prevent unauthorized access

Make sure patients' data is safe at rest and transit. And available to view and edit only to authorized agents. This encompass all levels of the technology stack: infrastructure, backend, frontend and/or mobile application.

Monitoring and audit

Monitoring solution ensures that your application is available and works well. Audit subsystems track all system activities (data access and modification) and provide comprehensive view on what has happened, when and why.

Backup and disaster recovery

Long term data availability in case of critical infrastructure or application failures is guaranteed by proper backup policy and implementation. Additionally our cloud solutions significantly reduce time to recovery and increase operational efficiency.

Identity and access management

Cloud IAM provides centralized point of control over users and their access permissions. It allows to integrate external services and custom made application into single structure. This minimizes risk of improper access assignment.

What's Next?

First step of each project is a fixed-price assessment of your business and infrastructure. The result will be a list of security weaknesses and areas that need to be improved. As well as a concrete roadmap to HIPAA compliance for your application. Before that we'll do a free consultation to get initial information about your company and ensure that we know how to handle things in your case.

Get Started Now!

What people are saying about us

"It was a pleasure working with Dekses. Initially they helped us identify security weaknesses in our platform. The report was clear, accurate and immediately actionable. Next they helped us to implement security measures that encompassed application and infrastructure improvements. Highly recommended!"

Brad Westcott, President, CortiCare Inc.

"We worked with Dekses to review our product architecture and become HIPAA compliant. They recommended and helped with all aspects of our applications transition to the HIPAA compliant cloud platform. That was an important step in our startup development made with confidence and proven to be efficient."

CEO & Founder, SF healthcare startup

Contact

In order to schedule a free consultation just send us an email to:

Topics we would love to discuss with you:

  • Is your mobile or web application subject to HIPAA?
  • What's your company state in terms of HIPAA compliance and general security?
  • Most suitable cloud solutions that can help you achieve HIPAA compliance and improve security for your organization.

Or if you have other questions, just mention that in email.