1.2k questions

1.4k answers

361 comments

339 users

Categories

Sidebar
0 votes
881 views
by amanda-w-3695 (5.1k points)
by (100 points)
Thanks, but what I really need to know is if the Qvera supplied encryption makes it HIPAA compliant or if we must put SQL Server encryption (TDE) on the database in order to make it HIPAA compliant???...
by amanda-w-3695 (5.1k points)
See modified answer below

1 Answer

0 votes

All message data, log data, usernames, passwords etc. are encrypted within the QIE database, using AES256 encryption. This encryption satisfies HIPAA requirements for encrypting PHI "at rest" thus eliminating the need to encrypt the entire database.

Whenever a user attempts to export unencrypted message data from QIE, they will be prompted with a reminder regarding the potential sensitive information or PHI and they must select Yes or No to complete the export process. 

by amanda-w-3695 (5.1k points)
edited by amanda-w-3695
...