BOS knows the challenges of building and maintaining HIPAA-compliant applications and understands how that cost and overhead grow exponentially for an enterprise managing multiple HIPAA-compliant applications across multiple teams.
That's why we built BOS to be a HIPAA-conformant product framework that allows you and your teams to integrate multiple products on a common backend and ensure each new project is also integrated and HIPAA-conformant from day one.
Here are some of the HIPAA-conformant features you get with BOS:
Multi-tenancy with Data Isolation
- All BOS APIs natively support physical separation of data per API per tenant
User Authorization and Access Control
- OAuth-based identity provider
- Multi-factor authentication
Authorization Monitoring
- BOS uses AWS CloudTrail to enable governance, compliance, operational auditing, and risk auditing
Data Backup
- Daily scheduled backups of the database
- A policy-based backup solution that enables the user to meet market-specific regulatory requirements
Remediation Plan
- Logging and auditing of each activity
- A DevOps process that allows rollback of any change in the system
Emergency Mode
- Business continuity and disaster recovery plan
- Active-Passive failover
Automatic Logoff
- Session management
- Auto log-off setting on the resource
Data Encryption and Decryption
- AWS RDS-based data protection policy that restricts unauthorized access to the underlying storage