HIPAA Compliant File Sharing

FileFlex Enterprise stands out as the perfect HIPAA-compliant file sharing and collaboration solution for both HIPAA Covered Entities and HIPAA Business Associates. This is achieved through hosting the FileFlex server, which is done either by the HIPAA Covered Entity directly or by the HIPAA Business Associate providing FileFlex services to the HIPAA Covered Entity. Importantly, no Protected Health Information (PHI) or Personally Identifiable Information (PII) is stored or transmitted to Qnext or any third-party entities.


See also Protecting Personal Health Information (PHI) and HIPAA Compliant File Sharing Using Zero Trust Data Access (ZTDA) and Protecting Access and Sharing of Personal Health Information with ZTDA for Windows.

Security of data-at-rest and data-in-motion

Data at rest is securely stored on the HIPAA entity or associate’s pre-existing HIPAA-compliant and protected storage infrastructure. Meanwhile, data in motion is encrypted and transferred via servers hosted either by the HIPAA covered entity or the HIPAA business associate.

Downloading can be prohibited

When following HIPAA compliance policies, files can be shared in a view-only mode, and downloading to local devices is restricted.

HIPAA compliant file sharing and collaboration with no local copies

File sharing and collaboration occur directly from the HIPAA entity or associate’s source location, without any copies being stored on remote devices or third-party servers.

Restrict file sharing and collaboration to HIPAA entities or associate contacts

File sharing and collaboration can be limited to HIPAA covered entities or business associate contacts.

CISO level third party tested

FileFlex Enterprise underwent evaluation by an independent, third-party information security firm at the CISO level. They thoroughly reviewed the information security capabilities introduced by FileFlex Enterprise, conducted a Threat Risk Assessment (TRA), and ensured compliance with HIPAA requirements for data privacy and security. The FileFlex application and its infrastructure successfully passed a rigorous red-team, penetration testing assessment using a black-box methodology. For full test results and the testing certificate, kindly reach out to a Qnext representative.