HIPAA (Health Insurance Portability and Accountability Act of 1996) requires businesses that process, store or transmit electronic protected health information (ePHI or PHI) to comply with strict administrative, physical and technical safeguards. Liquid Web offers managed dedicated, VPS, and cloud dedicated solutions compliant with HIPAA guidelines. 

Often, the consequences of the loss or compromise of protected health information could cause irreparable damage to a client’s reputation, or even serious legal penalties. In order to ensure our clients are protected, we have crafted compliant hosting solutions, making sure technical controls, backup management, safeguards and physical security policies are in place, all to verify that your data is secured to industry standards.

HIPAA Compliant Hosting is built to satisfy the administrative, physical, and technical safeguards required under the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Depending on the server, that may include a hardware firewall and dedicated, encrypted storage, a locked server cabinet, and customized software for intrusion detection, log management, and more. 

Anyone who collects, transmits, or creates electronic protected health information (ePHI) is considered a covered entity and must be HIPAA compliant. That includes not only health care providers and health insurance providers, but also other entities such as IT providers, consultants, and cloud storage providers who store, process, or otherwise may have access to their data.

The need for additional components such as a hardware firewall, secure server cabinet, and customized software means that HIPAA Compliant hosting is generally more expensive than a standalone dedicated server. Liquid Web’s Dedicated Server HIPAA solutions start at $429/mo. (Linux) and $471/mo. (Windows).

Violations — intentional or otherwise — carry fines that are levied in tiers, with minimum fines ranging from $100 to $50,000 per violation.

Server Secure Plus

We have innovated on top of our exclusive ServerSecure™ installation service. A setup option available for our dedicated servers, ServerSecure™ ensures optimal compatibility, paramount integrity and the most efficient usage of your server or servers. We have upgraded this service to iron-clad standards by adding daily CXS scans and a multitude of server hardening features available exclusively to those opting for ServerSecurePLUS™. What would have taken hours of installation work and the help of an outside system administrator is now at your fingertips with ServerSecure™ and ServerSecurePLUS™.

  • Brute Force Detection and Evasion
  • Apache DOS Prevention/Protection
  • E-Mail Virus Filtering
 

Exclusive to ServerSecurePLUS™

  • Daily CXS Scan
  • SSH/cPanel/FTP Hardening
  • Webserver & PHP Hardening
  • Monthly Nessus® Vulnerability Scans
  • DDOS Attack Protection/Mitigation
  • Detect and Block Emerging Application-Layer DDoS Attacks
  • Deploy a Turnkey Solution to Stop Threats
  • Accelerate Responses to DDoS Attacks
  • Prevent Illegitimate Botnet Communications
  • Leverage Real-time Security Intelligence
  • Mitigate Volumetric Attacks
  • Block Illegitimate traffic from Costing you Money in Bandwidth Charges

We Take the Headache Out of HIPAA Compliance

HIPAA (Health Insurance Portability and Accountability Act of 1996) requires businesses that process, store or transmit electronic protected health information (ePHI or PHI) to comply with strict administrative, physical and technical safeguards. XMLA offers managed dedicated, VPS, and cloud dedicated solutions compliant with HIPAA guidelines.

Often, the consequences of the loss or compromise of protected health information could cause irreparable damage to a client’s reputation, or even more serious legal penalties. In order to ensure our clients are protected, we have crafted compliant hosting solutions, making sure technical controls, backup management, safeguards and physical security policies are in place, all to verify that your data is secured to industry standards.

HIPAA Compliance: Security & Solutions

Data Center Physical System Security

SSAE-16 (formerly SAS70) & Safe Harbor Compliant

Secure Your Healthcare Data

Wholly owned Core Data Centers

Fully Managed Servers

Locked Server Cabinets Available

Business Associate Agreement (BAA) Available

Offsite Backup Available

High Availability Infrastructure

Extensive Administrative, Physical & Technical Safeguards

Network Configuration and Technical Security

Network Device Management

Hardware Cisco Firewall Devices Available with Full Management

Qualified Engineers Available 24/7/365

Assistance with Hardware Firewall Configuration

Outbound and Inbound Traffic Filtering Available

Intrusion Detection/Intrusion Prevention Modules Available

Network Redundancy Ensures Failover

Diverse Connectivity Fiber Paths Into Building

Dedicated Meet-Me Room

Bandwidth Co-Op solutions

Carrier Neutral

On-net transport to most major global cities

Remote VPN

Remote Secure VPN Implementations and Management Available

Encryption (Triple DES or AES)

Authentication (Site-to-Site VPN Tunnels) with Strong Passwords, Pre-Shared Key and Certificate

DMZ Implementations

Assistance with Log Management and Monitoring

Backup Management

Protect your data with XMLA Guardian, our fully managed, robust backup solution for Linux and Windows Managed Dedicated Servers. XMLA Guardian continuously captures your entire system configuration to an off-site facility for disaster recovery.* Guardian uses replication, synchronization, and point-in-time snapshots to provide protection of your complete server environment, so our Sonar® Monitoring team can recover your exact server configuration in the case of a catastrophic event. When you pair our Guardian backup solutions with our state-of-the-art, secure Data Centers – featuring SSAE-16, PCI compliance, Safe Harbor Certification, and 24/7/365 on-site Heroic Support® – we can ensure unparalleled uptime and safeguard against data loss in even the most extreme circumstances.

Security Zones

Office Space Separate from Data Center Space

Advanced Proximity Credentials Required to Access Data Center

All Employees Receive Full Background Check

Key Locked Physical Server Rack Enclosures Available

Component Level Redundancy Available for Hard Drives

Hot and Cold Spare On-site Servers Available

How It Works

  1. During normal host operation, the Guardian agent keeps a journal of disk changes. Incremental backups know what sectors on the disk have changed before the backup operation even starts. Guardian’s method is less resource intensive than traditional file-by-file or block-by-block backup methods.
  2. Guardian directly reads your hard disk volumes at the sector level, bypassing the file system for the ultimate in performance and recovery. Our disk sector synchronization is performed while the server is online and causes no interruption to I/O requests, even on a busy server.
  3. By reading the disk at the lowest possible level, Guardian captures incremental recovery images, containing your files and all the required information for consistent point-in-time system-wide backup images.
  4. These sector-based backups increase throughput and reduce overhead so that servers can be fully operational with minimal performance impact while the backup is taking place. Backups can usually be performed at any time, even on busy servers.
  5. Our Disk Safe feature allows us to safely store your backup data by encrypting it on the backup nodes. This feature can’t be disabled later; it has to be configured with a fresh backup snapshot. Disk Safe currently supports encryption using 128-bit RSA Keys and the Blowfish Cipher for symmetric encryption.
  6. When necessary, you can restore servers directly from your disk-based backups. Unlike traditional backup software, there is NO need to first partition your drive and install the operating system. In addition, our bare metal recovery greatly increases the speed of complete system recovery from a catastrophic failure.
  7. Our Managed Dedicated Server customers who are running Linux can easily manage their backups through the XMLA Guardian cPanel Plugin, accessible directly from your cPanel interface. Continuous backup of MySQL databases is also available via an optional plugin.
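The change-journal backup in steps 1 to 4 and the restore in step 6 can be illustrated with a small model. This is an added sketch, not Guardian's code: the class names, the 4 KiB block size and the per-block SHA-256 check on restore are assumptions of the example, and encryption (step 5) is left out.

```python
import hashlib

BLOCK = 4096  # assumed block size for this sketch


class JournaledDisk:
    """Toy volume whose write path records which blocks changed."""

    def __init__(self, nblocks):
        self.blocks = [bytes(BLOCK)] * nblocks
        self.dirty = set(range(nblocks))  # first backup must copy everything

    def write(self, index, data):
        self.blocks[index] = data.ljust(BLOCK, b"\0")[:BLOCK]
        self.dirty.add(index)  # journal entry is made at write time


class BackupStore:
    """Keeps one incremental image per backup run (the recovery points)."""

    def __init__(self):
        self.images = []  # each image: {block_index: (data, sha256_hex)}

    def backup(self, disk):
        # Only journaled blocks are read; unchanged blocks are never scanned.
        image = {i: (disk.blocks[i], hashlib.sha256(disk.blocks[i]).hexdigest())
                 for i in sorted(disk.dirty)}
        disk.dirty.clear()
        self.images.append(image)
        return len(image)  # number of blocks copied in this run

    def restore(self, point, nblocks):
        """Rebuild the volume as of recovery point `point` (0-based)."""
        volume = [None] * nblocks
        for image in self.images[: point + 1]:  # replay oldest to newest
            for i, (data, digest) in image.items():
                if hashlib.sha256(data).hexdigest() != digest:
                    raise ValueError(f"block {i} failed integrity check")
                volume[i] = data
        if any(block is None for block in volume):
            raise ValueError("recovery chain is incomplete")
        return volume


def demo():
    disk, store = JournaledDisk(8), BackupStore()
    full = store.backup(disk)             # recovery point 0: all 8 blocks
    disk.write(2, b"patient-record-v1")   # constructed sample data
    disk.write(5, b"audit-log")
    incr = store.backup(disk)             # recovery point 1: 2 blocks
    return disk, store, full, incr
```

Restoring to point 0 returns the volume as it was before the two writes, and a backup block altered on the store makes the restore fail instead of silently returning corrupted data.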

Linux

Single Server HIPAA Hosting starts at $699
Multiple Server HIPAA Hosting starts at $1299
