Managed Cloud-Backup & Recovery Experts

PH: 1-866-855-2855


 

  • HIPAA
  • SSAE 16
  • FIPS140

HIPAA Compliance

Quantum RBS's Technology & Services are HIPAA Compliant:
As of April 2005, HIPAA's security standards mandate that all health care providers establish a contingency plan to respond to any type of computer disaster involving potential data loss. Quantum RBS's technology complies with the following HIPAA requirements:

  • User authentication
  • Role based access
  • Encryption of data (AES128, AES192, AES256 bit encryption)
  • Offsite data storage outside of the organization
  • Secure storage facilities
  • Transmission Reports

Quantum RBS's Internet Vaulting solution is completely secure and can protect your organization in the case of any type of data loss. Please refer to the table below for a more detailed look into how Quantum RBS's secure remote backup solution enables business to instantly comply comply with HIPAA regulations:

HIPAA Privacy Rule
HIPAA Privacy Rule
Quantum RBS
Quantum RBS
Covered Entity
Covered Entity
Safeguards:
164.530 (c) (1)
Quantum RBS Canada


Cloud backup


Virtual disaster recovery
*     Administrative
       164.308
Local appliances
Yes

Disaster proof your business
Enabled by Quantum RBS

Laptops and mobile devices
*     Technical
       164.312
Cloud backup servers
Yes

Enabled by Quantum RBS
Enabled by Quantum RBS

Secure triple redundant
*     Physical
       164.310
Offsite backup
Yes

Enabled by Quantum RBS
Enabled by Quantum RBS

Online backup
Access to PHI
164.524
Enabled by Quantum RBS
NO - Covered Entity has the
only encryption key
Cloud backup
Yes

Disaster proof your business
Amendment to PHI
164.526
Covered Entity has the only encryption key
NO - Covered Entity has the
only encryption key
Covered Entity has the only encryption key
Yes

Covered Entity has the only encryption key
Encryption of PHI
164.312
Yes Yes

HIPAA Security Standards Matrix Quantum RBS Covered Entity
Assigned Security Officer
164.308(a)(2)
Assigned Security Officer
Yes

Assigned Security Officer
...

Assigned Security Officer
Access Authorization
164.308(a)(4)
Security Incident Reporting
NO - Only covered entity
has access to PHI
Covered Entity has the only encryption key
Yes

Security Incident Reporting
Security Incident Reporting
164.308(a)(6)
Yes

Security Incident Reporting
...

Security Incident Reporting
Contingency Plan: Data Back-up
164.308(a)(7)
Contingency Plan Data Back-up
Yes

Contingency Plan Data Back-up
Yes

Contingency Plan Data Back-up
Contingency Plan: Disaster Recovery
164.308(a)(7)
Contingency Plan: Disaster Recovery
Yes

Contingency Plan: Disaster Recovery
Yes

Contingency Plan: Disaster Recovery
Business Associate Agreement
164.308(b)(1), 106.103
Business Associate Agreement
Yes

Business Associate Agreement
...

Business Associate Agreement
Facility Access Controls
164.310(a)(1)
Facility Access Controls
Yes

Facility Access Controls
...

Facility Access Controls
Device & Media Controls
164.308(d)(1)
Device & Media Controls
Yes

Device & Media Controls
Yes

Device & Media Controls
Access Control
164.312(a)(1)
Access Control
Yes

Access Control
Yes

Access Control
Transmission Security
164.312(e)(1)
Yes Yes

 

SSAE16

Quantum RBS's Technology & Services adhere to SSAE16 Type II Certification.

What is SSAE16 Certification?

SSAE16 is an internationally recognized accounting standard established in 1992 by the AICPA. The certification is achieved through an audit or examination that is conducted by an independent auditor. SSAE16 is the subject of increased interest in the face of regulatory mandates such as Sarbanes-Oxley and in the growth of business process outsourcing and Software-as-a-Service (SaaS).

What does Quantum RBS's certification mean for your company?

To put it simply, it means you can rest assured that your data is safe. Our top priority continues to be the safekeeping and security of your imortant and confidential data. This is a professional, third-party guarantee that we are standing by that commitment and providing the highest quality service to our customers.

 

FIPS

What is the certification for Cryptographic Module Validation Program FIPS 140-1 and FIPS 140-2 Modules In Process List?

Modules validated as conforming to FIPS 140-1 and FIPS 140-2 are accepted by the Federal Agencies of both the United States and Canada for the protection of sensitive information. The National Institute of Standards and Technology (NIST) established the Cryptographic Module Validation Program (CMVP) that validates cryptographic modules to Federal Information Processing Standards (FIPS)140-1 Security Requirements for Cryptographic Modules, and other FIPS cryptography based standards.

What does Quantum RBS's certification mean for your company?

It means we have passed rigorous security standards using independent, accredited Cryptographic and Security Testing (CST) laboratories to test our modules against requirements found in FIPS PUB 140-2, Security Requirements for Cryptographic Modules. These requirements cover 11 areas related to the design and implementation of a cryptographic module. NIST's Computer Security Division (CSD) and CSEC jointly serve as the Validation Authorities for the program, validating the test results and issuing certificates.

Quantum RBS Inc Canada Cloud Backup & Recovery + © 2005- 2017       Home    Contact Us    Site Map    Privacy Policy