BOS Supports HIPAA Conformance Out-of-the-Box

BOS knows the challenges of building and maintaining HIPAA-compliant applications and understands how that cost and overhead grow exponentially for an enterprise managing multiple HIPAA-compliant applications across multiple teams.

That’s why we built BOS to be a HIPAA-conformant product framework that allows you and your teams to integrate multiple products on a common backend and ensure each new project is also integrated and HIPAA-conformant from day one.

Here are some of the HIPAA-conformant features you get with BOS:

Multi-tenancy with Data Isolation

  • All BOS APIs natively support physical separation of data per API per tenant

User Authorization and Access Control

  • OAuth-based identity provider
  • Multi-factor authentication

Authorization Monitoring

  • BOS uses AWS CloudTrail to enable governance, compliance, operational auditing, and risk auditing

Data Backup

  • Daily scheduled backups of the database
  • A policy-based backup solution which enables the user to meet market-specific regulatory requirements

Remediation Plan

  • Logging and auditing of each activity
  • DevOps process which allows rollback of any change in the system

Emergency Mode

  • Business continuity and disaster recovery plan
  • Active-Passive failover

Automatic Logoff

  • Session management
  • Auto log-off setting on the resource

Data Encryption and Decryption

  • AWS RDS-based data protection policy which restricts unauthorized access to the underlying storage