Showing results for 
Search instead for 
Do you mean 
The blueprint for the future of work
Register today!
Attend BoxWorks
Desktop, meet cloud.
Box Drive is the easiest and fastest way to connect to the cloud — without changing the way you work.
View resources
Regular Visitor
Posts: 1

How do I know if my account is the PHI or PPI protected?

Hi all! 


I believe when I set up my account I did not select to set up the one where I would store patient information. I now need to be able to store confidential material for a research study. How do I make sure that my account meets standards? I couldn't find any sort of account description or way to change settings. 


Please let me know, 



Box Certified Professional
Posts: 173

Re: How do I know if my account is the PHI or PPI protected?


Content confidentiality has a number of factors, including contractual ones. For example, a signed Business Associates Agreement (BAA) is required to store patient data in Box, according to the HIPAA guidelines. Other types of data have other legal requirements. Layered on top of that are having guidelines about how the data is used, particularly shared, so that no confidential data is exposed (including, in some cases, who other collaborators are).

You'll need to check with your Box admin to see if the legal requirements have been met and if you are following appropriate guidelines for that type of data.

Box provides good security, so while your data is secure in Box, it's not compliant unless these other two areas are properly attended to.


Box Employee
Posts: 379

Re: How do I know if my account is the PHI or PPI protected?


This is also something you should reach out to your IT team about! This would depend on the license they have purchased and set up they implemented.