Secure Web Hosting for Healthcare

Unfortunately, unsecured web servers are targets for determined hackers. When it comes to managing websites for healthcare providers, security must be a top priority. LuxSci's dedicated web hosting solutions keep online applications isolated to maximize security and capacity.

In addition to increased privacy, dedicated web site hosting also offers increased security and reliability. Organizations that use isolated dedicated servers protect themselves from the poor security choices of others who share their web environment. Using a dedicated server configuration also means that organizations don't need to share memory, CPU, network, disk space, or other resources. Dedicated server clusters are best for accounts that need high availability, high performance, and more fine-grained application and data segmentation. The combination of security, reliability, and performance that dedicated server clusters provide makes them the perfect choice for health care organizations.

Your Role in HIPAA Compliance

Like any HIPAA web hosting solution where you have the ability to design your web site and upload your own scripts and programs, LuxSci provides a compliant environment and you are responsible for ensuring that your web site is designed and implemented in a secure and compliant fashion. I.e., this includes proper use of TLS when appropriate, access auditing and unique identity verification for visitors to your web site that access ePHI, proper encryption of ePHI at-rest, etc.

Secure Web and Database Hosting Features

LuxSci's edicated secure web hosting services, in conjunction with a HIPAA-compliant account, provide a HIPAA-compliant infrastructure where you can host secure web sites and applications. LuxSci can also provide high availability solutions to keep your systems operational even when faced with an unlikely data center failure.

Some key features of Secure Web Hosting features include:

  • Dedicated: Dedicated server clusters to enhance security and flexibility.
  • Maintenance: LuxSci patches and upgrades your operating systems and server software as needed.
  • HIPAA Infrastructure Requirements: LuxSci takes care of HIPAA infrastructure requirements regarding media disposal, backups, restores and related tasks.
  • Anti-Virus Protection: The environment is scanned for vulnerabilities and threats, which are promptly attended to by LuxSci staff.
  • Reporting: Access and auditing reports of your access to our system and management of your web sites are available. Raw web site logs are also available for your analysis.
  • Forced Secure Connections: Connections to services such as FTP and MySQL (to manage your data) are always secure.
  • Web Site SSL/TLS Support: SSL for your web site for secure transmission of ePHI on your application. This includes NIST recommended ciphers, HSTS support, SNI, and more.
  • Databases: LuxSci hosts secure and compliant databases that can store ePHI.
  • Firewalls: Multiple levels of firewalls included with all servers.
  • Intrusion Protection: Our Intrusion Protection system alerts LuxSci staff to any issue on your server.


Show Features

Secure Web Hosting FAQ

No. LuxSci provides managed Linux-based dedicated servers for web hosting.

Yes. It is common for customers to run WordPress on LuxSci servers.

LuxSci does not currently provide a WordPress migration service. We will install a fresh version of WordPress for you. We would suggest that you have your web designer (i.e. the one in charge of designing and maintaining your current WordPress site) assist you in any migrations. S/he may find the WordPress Duplicator plugin very useful for quickly migrating WordPress sites between providers.

Yes, LuxSci will provide non-root SSH access to your server. This is granted only upon request, for security reasons. You can make this request via a Support Ticket.

LuxSci web hosting is a managed service. For security reasons, we do not grant root or sudo-root access to customers.

While you can not edit this file directly, LuxSci support can make requested modifications to it upon request. These modifications are first vetted to ensure that they do not hurt your server's security level.

LuxSci provides custom web site and database management tools (not cPanel) for this purpose. LuxSci also provides a server management tool where you can edit your iptables firewall and view current and historical reports on CPU, RAM, and Disk usage.

Yes. See Standard Backups. We can also set up custom backup and retention schedules for you.

Yes. You would submit your cron job to support for review and they would configure it for you on your server.

LuxSci will review each request for custom software installation and determine if it will be permitted. For things that you can download yourself, build yourself, and install in your own directory tree -- you are welcome to do that. For things that need to be installed server-wide, these will need to be approved by operations and then installed by operations. Things that require manual installations (i.e., which are not in the standard Linux YUM repositories) way incur a consulting fee to install. If you want to be sure about specific packages, please inquire.

NOTE: LuxSci does not support and will not install: nginx, node.js, PostgreSQL, JAVA servlets, .NET, Mongodb, and ruby on rails. Our web hosting platform is strictly a Linux-based Apache, MySQL/MariaDB (including NoSQL), PHP/Perl/CGI system.

Other questions? Call Sales

eBook: HIPAA-compliant Website Basics

Creating and managing HIPAA-compliant web sites

Book 2 in the LuxSci Internet Security Series.

Created by Erik Kangas, PhD

Get the HIPAA eBook

find out why healthcare organizations trust LuxSci with their patient data

Null