LuxSci has been offering services that can be used in a HIPAA-compliance context since 2008. LuxSci's services contain (as included or optional features) all of the appropriate controls that may be required or desired to help you meet your business' HIPAA-compliance requirements. These include items such as: transport encryption with appropriate ciphers, at-rest encryption, software and hardware firewalls, intrusion detection, anti-virus scanning, server segmentation, unique access controls and access auditing, breach reporting, proper media disposal, disaster-recovery plans, etc.
Furthermore, LuxSci performs its own:
As required by HIPAA, LuxSci has explicit Business Associate Agreements in place with all its vendors that could come into contact with your ePHI. They include:
LuxSci customers with HIPAA accounts must read, agree to, sign, and return LuxSci's HIPAA Business Associate Agreement and Account Restrictions Agreement. This version is updated with the provisions required by the Omnibus Final Rule.
Customers with HIPAA accounts can read these agreements and fill out the form to signify their agreement to these terms of service and to include their written signature, captured using LuxSci's Ink Signature technology.
Who should sign? To ensure HIPAA compliance, an officer of your organization with legal right to enter into a HIPAA Business Associate Agreement should be the one to sign. If you have someone without sufficient authority sign (a Webmaster, for instance) the agreement, then it's possible you're failing to properly meet your obligations under HIPAA.
Can I modify the BAA? LuxSci does not generally accept customer-suggested modifications to its HIPAA BAA. For customers with a strong need, we do have a fee-based to pay for reviewing your BAA change requests; the changes may or may not be permitted. LuxSci ensures that the spirit of its BAA is consistent across all customers so that LuxSci can consistently abide by the terms of the BAA without needing to refer to many various contracts for every situation that may arise.
You are exceeding expectations. I have been very impressed with your organization. From sales and billing to tech support, everyone has been very responsive and knowledgeable. Most problems are resolved during the first contact. Thank you for your dedication to service and excellence. I will be recommending you without hesitation."
For me, the LuxSci order placement and account design tools offer a rapid process of dynamically adding users, domains or disk space. For my clients, your WebMail service is the first one to meet their needs while also sporting a user-friendly interface. I look forward to working with you again!"
I had a few startup problems but they were solved within a few hours, which is great compared to the support I usually see from other companies. Now everything works as I expect and I am very satisfied with your products and support."
What I really appreciate about LuxSci is that the services are comprehensive, yet modular and easily configurable in small increments. This is particularly important on the non-profit site I have hosted there. And, if I need more, I can add it quickly and efficiently - I don't need to jump to a $99/month package just to add database support."
Your standard and HIPAA-compliant hosting services are awesome, working exactly like we envisioned. Pricing is very fair and support has been wonderful! Would definitely recommend you."