HIPAA Compliant Domain Hosting
Listing 2 Results for “Domain Registration”
GoDaddy provides a variety of services including website hosting, email management, and domain names. Covered entities can use email services for protected health information, but website hosting services don’t meet HIPAA requirements.Basic website hosting plans aren’t HIPAA compliant because they are on shared servers. Other technical and physical safeguards aren’t in place for these plans. Covered entities shouldn’t use GoDaddy shared hosting for websites containing patient information.GoDaddy also offers email services through Microsoft Office 365. Two plans, Business Premium and Premium Security, offer HIPAA-compliant features. Covered entities must purchase HIPAA-compliant email as an add-on to the service. All email accounts on the same plan are HIPAA compliant. These email solutions offer the option of full integration with Microsoft Office.GoDaddy and Microsoft will sign a business associate agreement (BAA) to support HIPAA compliance. Also, covered entities must activate their email accounts before using these tools for PHI.
Bluehost doesn’t offer the privacy and security features required to comply with federal HIPAA regulations. While some web hosts provide higher-priced plans to support covered entities with HIPAA compliance, Bluehost doesn’t offer any plans that meet HIPAA standards.Bluehost provides customers with a variety of security features, including SSL certification and HTTPS protocol. While these security features are necessary steps for HIPAA compliance, they aren’t enough. HIPAA compliance requires access control and audit control for digital security. Additionally, facility controls must include physical safeguarding of server equipment.It’s a breach of the user agreement to store PHI on Bluehost servers. The company is transparent that its services aren’t authorized for patient health data and identifiable medical information. No Bluehost tools, including shared hosting, dedicated hosting, and email, should be used for PHI.Since Bluehost doesn’t provide HIPAA-compliant services, the company won’t sign a business associate agreement (BAA). Covered entities that need web hosting services for PHI should choose a different service that meets HIPAA requirements.