Giva's HIPAA-compliant record retention requirements in the cloud ensures that customer data is never deleted and always available if need for an audit or legal discovery.
Our carefully vetted partnership with our hosting provider ensures that we have best in class cloud storage services that are HIPAA compliant.
HIPAA compliance is also a critical part of the our backup and restore plans, if ever needed. All backups are encrypted, and some are stored offsite for additional redundancy.
Onsite Data Backups
HIPAA Compliant Cloud Storage - Customer data is never deleted and always available.
Data Backup Plan (R) - §164.308(a)(7)(ii)(A) Giva's HIPAA-compliant backup procedures create and maintain retrievable exact copies of all data that contain protected health information (PHI) from electronic health and medical records.
Giva performs daily incremental backups and weekly full backups. Weekly full backups are retained for 2 weeks and daily incremental backups are retained for 1 week to ensure that critical data remain safe, encrypted and always available.
Backup and Recovery Plans - Primary Backups are stored locally for fast restores.
Offsite Backups - Data Centre - Different Location
Offsite backups are a key requirement of HIPAA's Disaster Recovery Plan (R) - §164.308(a)(7)(ii)(B) to ensure procedures are in place to prevent data loss.
To mitigate the risk of a catastrophic data loss in our redundant data centre facilities, Giva further replicates backups to another data centre in a different location.
Backups are replicated to our offsite data centre facility in a different location every 24 hours.