Secure Data Portal
Login  |  Email Support  |  U.S. Sales (866) 961-4421 |

EasyDocEx: Facilitating HIPAA Compliance including changes made under the Health Information
Technology for Economic and Clinical Health Act (HITECH Act)

EasyDocEx can help your company comply with the electronic communications requirements of HIPAA including the changes made under the HITECH Act.

EasyDocEx offers a turnkey solution providing full data encryption (network, data center & physical equipment) as well as user authentication. Our state of the art, fully redundant high speed Managed File Transfer (MFT) and Secure Data System provides a secure data portal for your employees, clients and partners to access or exchange mission critical data meeting the security procedures mandated under HIPAA including the changes made under the HITECH Act.

EasyDocEx utilizes Secure Socket Layer protocol (SSL) with 256-bit encryption to protect personal information sent or received through our EasyDocEx system and complies with the Federal Information Process Standard 140-2, Security Requirements for Cryptographic Modules. This protocol is supported in the latest versions of the most popular web browsers, such as Firefox 3.0 and Microsoft's Internet Explorer. To assure that all web browsers provide the greatest level of security, EasyDocEx utilizes Server Gated Cryptography (SGC). Server Gated Cryptography provides the ability to 'up-rate' older browsers that are only capable of weak, 40-bit and 128-bit encryption to ultra-secure 256-bit encryption.

EasyDocEx combines cutting-edge security technology, best practices and a team of certified senior-level professionals to help ensure that security. Using state-of-the-art traffic profiling and anomaly detection capabilities, we manage and secure our networks, pinpoint and troubleshoot network attacks, monitor our servers and applications, and analyze network security performance issues. Multiple levels of security (known as Defense in Depth) allow elevated levels of control for maintenance personnel without compromising security—including private network circuits for systems management and data and duplication for disaster recovery.


HIPAA Rule Security Procedure Description The EasyDocEx Solution
164.312(e)(1) Ensure Transmission Security (Required) "Implement technical security policies and measures to guard against unauthorized access to electronic protected health information (EPHI) that is being transmitted over an electronic communications network." EasyDocEx ensures the security and integrity of files before, during and after transmission. Protected files are fully encrypted using the latest 256 bit data encryption and can only be accessed by the intended party.
  Implement Encryption "Encrypt EPHI whenever deemed appropriate." All data moving between the client, the EasyDocEx Secure Data System and the intended recipient is automatically encrypted.
  Implement Integrity Controls "Implement security measures to ensure that electronically transmitted EPHI is not improperly modified without detection until disposed of." Usage permission controls prevent alteration of EPHI. Files are fully protected with access and modification tracking.
164.312(c)(1) Access Control (Required) "Implementation policies and procedures to protect EPHI from improper alteration or destruction." Only authorized individuals with the appropriate user name, password and system rights can access EPHI.
  Implement a Mechanism to authenticate EPHI "Consider possible electronic mechanisms for authenticating such as: digital signatures, error correcting memory…" EasyDocEx utilizes 256bit data encryption, user authentication as well as ECC memory, firewalls and SAS 70 Type II Data Centers
164.312(d)(1) Device and Media Controls (Required) "Implement policies & procedures to address the final disposition of EPHI, and/or the hardware or electronic media on which it is stored." All data is housed in our SAS 70 Type II data centers on fully encrypted drives and network storage devices.