Carbonite has stated that it enables HIPAA compliance.
Carbonite uses internal privacy and security provisions to safeguard medical information.
HIPAA requires business associates to implement risk management measures that protect the integrity, confidentiality, and availability of patient information. Carbonite provides real-time monitoring, a secure firewall, encryption, a vulnerability management program, and a formal incident response process for information security threats.
Physical security measures include restricted access at Carbonite’s facilities, so only authorized employees, third parties, and visitors can enter. Security includes both interior and exterior cameras as well as an alarm system and an electronic card access control system. Additionally, Carbonite restricts access to software programs.
A Carbonite Safe Pro subscription offers HIPAA compliance features. Carbonite Safe Pro also gives administrators access to view user activity and logins.
Carbonite provides a HIPAA handbook to guide customers in keeping their backups HIPAA friendly.