HIPAA, Sarbanes-Oxley, Gramm-Leach-Bliley Compliance?

Are we compliant? We sure are. We even have a handy HIPAA compliance statement from our CEO (see below).

Legal regulations that force security and privacy standards for data protection, backup and security are a bit of a moving target. Many of them, such as Sarbanes-Oxley, require that an independent IT auditor help craft and sign off on an overall plan for the regulated entity. These plans can detail just the organization’s data security policies or can be more all-encompassing by covering a full business continuity and appropriate controls policy.

Either way, BitLeap® has designed all of our products and services to be flexible enough to respond to the varying security needs of our customers.

Our default technical, physical and policy-based security measures are bordering on overboard as it is. However, you never know what security requirements a particular customer may ask for. Therefore, just about every technical area of our products and services is addressable to specific security setups. From encryption methodology to physical asset location to fully private backup resources, BitLeap can accommodate a wide range of customized installations. If you want your data backups to exist only on your own equipment at your own sites with your own unique technical security policies, we can do it.

BitLeap HIPAA Compliance Statement

It is hereby stated that BitLeap’s products and services meet the physical and technical standards, as well as provide all necessary controls for our customers to maintain their administrative standards, which have been authorized in the Final Rule adopting HIPAA standards published in the Federal Register on February 20, 2003.

This document is not to be interpreted as indicating or otherwise implying that an organization using BitLeap’s products and services is necessarily in full HIPAA compliance with regard to its policies, procedures, and safeguards as a whole.

BitLeap’s products and services, including server management, offsite data backups, and virtual private networking services, represent a valid approach to addressing specific standards as a part of a covered entity’s overall HIPAA compliance plan. BitLeap also faithfully follows HIPAA standards in regard to transmission security, encryption, physical security, access control, and other HIPAA standards that are applicable to our products and services.

As stated in HIPAA Rules and Regulations section 164.314(a)(2)(i)(A), BitLeap agrees to:

Implement administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability of the electronic protected health information that it creates, receives, maintains, or transmits on behalf of the covered entity as required by this subpart; …

In summary of BitLeap’s responsibilities under the Business Associate standard of HIPAA rules and regulations, BitLeap has implemented “reasonable and appropriate safeguards to protect” the covered entity’s electronic protected health information. [164.314(a)(2)(i)(B)] Furthermore, BitLeap agrees to “Report to the covered entity any security incident of which it becomes aware.” [164.314(a)(2)(i)(C)] In accordance with section 164.314(a)(2)(i)(D), BitLeap agrees to “authorize termination of the contract by the covered entity, if the covered entity determines that the business associate has violated a material term of the contract.”

This statement has been approved and authorized by:

Guy W. Suter – CEO