HIPAA Compliant Data Encryption for Giva's Service Management Suite

Does HIPAA require encryption? Yes. Giva uses HIPAA-compliant data encryption to ensure that all PHI data in hospital and healthcare electronic health and medical records is secure.

SSL - Private Website Encryption

  • NIST's HIPAA encryption standards recommend 128-, 192-, or 256-bit encryption.¬†Giva uses 256-bit secure sockets layer (SSL) certificates established on our cloud help desk cloud for any domains on which sensitive information is accessed or displayed.
  • All access to our cloud help desk software requires secure login credentials.
  • With our high availability data center infrastructure, SSL is also installed on the load balancers to ensure end-to-end privacy.

VPN - Secure Remote Access

  • All remote access, system administration connections and data transfers to Giva's HIPAA-compliant cloud help desk software for electronic health & medical records are encrypted using an SSL VPN (virtual private network) with dual factor authentication.
  • All data travels across an encrypted VPN using very strong encryption. Giva uses the strongest encryption available from leading security vendors to protect sensitive PHI in electronic health and medical records.

Data Encryption Requirements for HIPAA Compliance

  • In Motion - All sensitive electronic health and medical records data with patient health information, such as SSNs, patient diagnoses, medical histories, are encrypted using 256-bit secure sockets layer (SSL) to ensure HIPAA transmission security.
  • Backups - Giva encrypts all backups of customer data, which may include PHI from electronic health and medical records. HIPAA-compliant security controls are in place to limit and log all access to any backups.
  • At Rest - Giva meets HIPAA data at rest encryption requirements; all customer data, including PHI from electronic health and medical records, is encrypted when at rest.