be Smart.
be Secure.
Phone: 800-441-6612

HIPAA-compliant Dropbox: Secure File Sharing at LuxSci

Want to set up a public dropbox for sharing sensitive files but still remain HIPAA-compliant?  This is now a snap for anyone with a HIPAA-compliant LuxSci account.

LuxSci has long provided online cloud-based secure file storage and sharing via its Documents WebAide service, which is included with all accounts as part of our suite of collaboration tools (calendars, tasks, address books, files, notes, links, password libraries, and user groups).  Now, in addition to being able to share files internally with other users, groups, and accounts, LuxSci customers can securely share files with anyone on the Internet.

How to Share

There are many ways to access the dialog box used for sharing WebAides with others.  Here is one:

Step 1: Go to your Document’s WebAides

Select “Documents” from the “WebAides” menu in LuxSci, or follow this link:

Documents WebAides Page

Step 2: Open the sharing dialog box

In the lefthand tree menu, right click on the name of the Documents WebAide that you would like to share and choose “Share WebAide” from the pop-up menu.

Alternately, simply click on the name of the Documents WebAide that you want to share and then click on the gear icon  and choose “Sharing” from the menu that pops up.

Step 3: Share with an External Person

For Documents WebAides, there is a new “Share this WebAide with” option called “External Person.”  You can enter any email address here and set the level of access desired:

  • New Entry — Permit uploading files
  • Read — Permit downloading files
  • Delete — Permit deleting either any file or only files uploaded by the sharer.

This allows you to share these WebAide folders as:

  1. Download (read only) access
  2. Upload (add files only) access
  3. Collaborative (upload, download, and maybe delete) access

When you share the Documents WebAide with someone, they’ll receive a notification email to inform them of their new access.  This email (which is customizable via Private Labeling) includes a link that can be used to access these files.

How are the shared files accessed?

The person with whom you have shared your files will access them though the LuxSci SecureSend portal (whose look and feel is also customizable via Private Labeling). If the person does not have a free account yet, they will need to register to gain access.

Once logged in, the person can access, drag-and-drop upload, download, and delete the shared files (based on their level of access granted).  If multiple folders of files have been shared with this  person, then they can browse the various accessible folders.  The individual can also send secure email messages to SecureLine-licensed LuxSci users.

How is this secure and HIPAA-compliant?

The file sharing is HIPAA-compliant due to the Business Associate Agreement that the LuxSci customer will sign with LuxSci.  Furthermore, the file-sharing service is secured on top of LuxSci’s normal controls by:

  1. AES-encrypted at rest file storage
  2. TLS-encrypted transmission of all data
  3. Required unique user access controls via usernames and passwords
  4. Logging of:
    1. All portal logins
    2. All file uploads
    3. All file downloads
    4. All file deletions
  5. Automatic logoff (customizable with Private Labeling)
  6. Customizable password-strength controls (with Private Labeling)

Controlling Access to the External Sharing Feature

Some customers may not want their users sharing files externally; they may want to restrict sharing and/or keep it all internal to their organization. As such, account administrators can turn external sharing on or off for their account.  Under “Advanced Administration > Collaboration > Shared Access” on the account admin homepage, you can set whether external sharing is allowed only for administrators or for all users in your account.  By default, external sharing is permitted only for account administrators.

Comments are closed.

• Access Anywhere
• Fast and Robust
• Super Secure
• Tons of Features
• Customizable
• Mobile Friendly

Send and receive email from your favorite programs, including:

 Microsoft Outlook
 Mozilla Thunderbird
 Apple Mail
 Windows Mail

... Virtually any program that supports POP, IMAP, or SMTP

Keep your email, contacts, and calendars in sync:

 Apple iPhone and iPad
 Android Devices
 Windows Phone

... Any device with Exchange ActiveSync (EAS) support

Relay your server's mail through LuxSci via smarthost:

• Resolve issues with ISP sending limits and restrictions
• Improve deliverability with better IP reputation and IP masking
• Take advantage of Email Archival and HIPAA Compliance
• Even setup smarthosting from Google Apps!

Free web site hosting with any email account:

• Start with up to 10 web sites and MySQL databases
• DNS services for one domain included
• Tons of features and fully HIPAA capable

LuxSci's focus on security and privacy:

• Read The Case for Email Security
• Read Mitigating Security & Privacy Threats
• Review our Privacy Policy

The most accurate, flexible, and trusted filters in the business:

• Premium protection with Intel Security Saas
• Realtime virus database guards against the latest threats
• Seven-day quarantine lets you put eyes on every filtered email
• Supplement with our Basic Spam Filter for even more features

End-to-end secure email encryption — to anyone, from anyone:

• No setup required — encryption is automatic and easy to use
• Secure outbound email with TLS, PGP, S/MIME, or Escrow
• Free inbound encryption via our SecureSend portal
• Independent of your recipient's level of email security
• Widely compatible and fully HIPAA Compliant

Add an extra layer of security with an SSL Certificate:

• Secure your web site
• Debrand LuxSci WebMail with your own secure domain
• Access secure email services via your own secure domain

Encrypt your service traffic via secure tunnel:

• Add another layer of security to your SSL connections
• WebMail, POP, IMAP, SMTP, web/database access
• SecureForm posts, SecureLine Escrow, SecureSend access
• Restrict your account to VPN access only

Secure long-term message archival:

• Immutable, tamperproof email retention with audit trails
• No system requirements — minimal setup, even less upkeep
• Realtime archival of all inbound and outbound messages
• Works anywhere — even with non-LuxSci email hosting

Free data backups included with all email hosting accounts:

• Automatic backups of all email, WebAides, web/database data
• Seven daily backups and up to four weekly backups
• Unlimited restores included at no additional cost
• Custom backup schedules for dedicated servers

Automate your email management:

• Save messages to specific folders or to LuxSci WebAides
• Advanced text scanning with regular expressions
• Tag messages, alter subject lines, or add custom headers
• Filter by message charset, type, TLS status, DKIM status
• Chain filters together for even more complex actions

• Bulk add and edit users, aliases and more
• Control sharing and access globally or on a granular level
• Delegate user roles through permissions
• Configure account-wide taglines, sending restrictions, and more
• Remotely administer account via SOAP API

Share, collaborate, organize, synchronize:

• Calendars, Contacts, Documents, Notes, Widgets, Workspaces
• Fine-grained access control and security
• Access anywhere via secure web portal or smartphone
• Save over solutions like Microsoft Exchange

Free folder sharing for all email hosting accounts:

• Share mail folders with other users in your account
• Subscribe to only the folders you want to see
• Set read-only or read-write access control
• View all personal and shared folders via unified web interface

Color code and label your email messages:

• Define and assign multiple IMAP keywords to each message
• Filter, search, and sort by tags
• Compatible and synchronizes with any IMAP email client
• Also usable with WebAide entries