HIPAA Compliance, Business Associate Agreement & BAA Email Services

How is LuxSci HIPAA Compliant?

LuxSci has been offering services that can be used in a HIPAA-compliance context since 2008. LuxSci's services contain (as included or optional features) all of the appropriate controls that may be required or desired to help you meet your business' HIPAA-compliance requirements. These include items such as: transport encryption with appropriate ciphers, at-rest encryption, software and hardware firewalls, intrusion detection, anti-virus scanning, server segmentation, unique access controls and access auditing, breach reporting, proper media disposal, disaster-recovery plans, etc.

Furthermore, LuxSci performs its own:

Yearly internal HIPAA review
Yearly external HIPAA review (ask for a letter of attestation)
Yearly internal risk analysis
Yearly risk analysis of all of the services it provides
Yearly risk analysis of vendors and partners
Yearly penetration tests
Weekly external and internal network and vulnerability scans of all servers
Frequent external vulnerability scans of luxsci.com from by 2 different vendors
Continuous internal staff training on security and HIPAA
... and much more

Vendors' BAA

As required by HIPAA, LuxSci has explicit Business Associate Agreements in place with all its vendors that could come into contact with your ePHI. They include:

RackSpace Private Cloud and Dedicated Servers—our data center provider.
RackSpace Public Cloud
Excel Micro—our partner delivering for Proofpoint Premium Email Filtering and Sonian Email Archival
SecureVideo—our partner for SecureVideo
Nuevasync—our partner for MobileSync
Mediprocity—our partner for SecureChat
Amazon AWS
AnswerConnect—our phone call dispatch service

LuxSci BAA

LuxSci customers with HIPAA accounts must read, agree to, sign, and return LuxSci's HIPAA Business Associate Agreement and Account Restrictions Agreement. This version is updated with the provisions required by the Omnibus Final Rule.

Customers with HIPAA accounts can read these agreements and fill out the form to signify their agreement to these terms of service and to include their written signature, captured using LuxSci's Ink Signature technology.

Who should sign? To ensure HIPAA compliance, an officer of your organization with legal right to enter into a HIPAA Business Associate Agreement should be the one to sign. If you have someone without sufficient authority sign (a Webmaster, for instance) the agreement, then it's possible you're failing to properly meet your obligations under HIPAA.

Can I modify the BAA? LuxSci does not generally accept customer-suggested modifications to its HIPAA BAA. For customers with a strong need, we do have a fee-based to pay for reviewing your BAA change requests; the changes may or may not be permitted. LuxSci ensures that the spirit of its BAA is consistent across all customers so that LuxSci can consistently abide by the terms of the BAA without needing to refer to many various contracts for every situation that may arise.

Agreements:

	YES, I have read and agree with the Business Associate and Account Restrictions Agreements.^* Business Associate Agreement Account Restrictions Agreement
Customer Signature^*	clear area Date: Draw your signature in the box above. On a desktop or laptop computer, you can use a mouse (click and drag to draw). On a touch screen device, you can use a stylus or your finger.
Customer Name^*
Customer Organization
Customer Title
Account or Order Number^*
	YES, I would like a copy of these counter-signed agreements for my reference.

What People Say About LuxSci

I had a few startup problems but they were solved within a few hours, which is great compared to the support I usually see from other companies. Now everything works as I expect and I am very satisfied with your products and support."

I email to commend LuxSci's excellent email and web services, which in my opinion, are similar to a well-built German motor vehicle. Very reliable technology with constant innovations (but no gimmicks) and slick WebMail. Moreover, never before have I experienced such swift customer service. Most emails are replied to within minutes at all times of day. Keep up the good work!"

Thank you for the prompt response times. In all my years of dealing with hosting companies, not a single one can top the customer service LuxSci provides. Not only is the response time quick, but your replies are concise, to the point and actually helpful. That is a big difference compared to your competitors out there. It is a pleasure working with LuxSci."

I have been very happy with the products & services. They have exceeded my expectations thus far because whenever I need something, I can either easily find the answer myself, or if not the telephone tech support is extremely helpful. Thanks!"

After being a long time customer (under several different companies), I haven't had *any* problems with my LuxSci services, and I bet you folks don't hear enough that you're doing a spectacular job running the hardest service on the Internet. I rarely think about LuxSci, as my mail just works, which ultimately means absolute success in my book. Keep it up!"