How do I know if my account is the PHI or PPI protected?

Regular Visitor

How do I know if my account is the PHI or PPI protected?

Hi all! 

 

I believe when I set up my account I did not select to set up the one where I would store patient information. I now need to be able to store confidential material for a research study. How do I make sure that my account meets standards? I couldn't find any sort of account description or way to change settings. 

 

Please let me know, 

 

Thanks

2 REPLIES
Box Certified Professional

Re: How do I know if my account is the PHI or PPI protected?

@kmarti86

Content confidentiality has a number of factors, including contractual ones. For example, a signed Business Associates Agreement (BAA) is required to store patient data in Box, according to the HIPAA guidelines. Other types of data have other legal requirements. Layered on top of that are having guidelines about how the data is used, particularly shared, so that no confidential data is exposed (including, in some cases, who other collaborators are).

You'll need to check with your Box admin to see if the legal requirements have been met and if you are following appropriate guidelines for that type of data.

Box provides good security, so while your data is secure in Box, it's not compliant unless these other two areas are properly attended to.

MaryBeth

Box Employee

Re: How do I know if my account is the PHI or PPI protected?

Hi!

This is also something you should reach out to your IT team about! This would depend on the license they have purchased and set up they implemented.

Cheers!