LiquidFiles helps you meet the technical requirements of HIPAA, Sarbanes-Oxley and PCI DSS for secure file transfer.
The Health Insurance Portability and Accountability Act addresses minimum standards for protecting the security, privacy and confidentiality of patient data transmitted over the Internet. The following table covers the technical safeguards outlined in §164.312:
| Safeguard | How LiquidFiles Satisfies It |
|---|---|
| Access Control — §164.312(a): Allow access only to authorised persons or software programs. | Dual email verification for accountless authentication, individual user accounts, LDAP/AD integration, two-factor authentication, and SAML 2.0 SSO. |
| Audit Controls — §164.312(b): Record and examine system activity. | All access, message sends, file downloads, user modifications and admin changes are logged. Syslog forwarding for long-term retention. |
| Integrity — §164.312(c): Protect from improper alteration or destruction. | Files cannot be modified in transit. Deletion is restricted by authentication and fully logged. |
| Person/Entity Authentication — §164.312(d): Verify identity of persons accessing data. | Dual email verification, two-factor authentication via smartphone apps, SMS and hardware tokens. |
| Transmission Security — §164.312(e): Guard against unauthorised access during transmission. | Industry-standard HTTPS with up to 256-bit symmetric encryption. |
SOX requires IT controls ensuring data security, centralised account management and auditable file transfers. Many companies use the COBIT framework for SOX compliance. LiquidFiles addresses the following DS5 (Ensure Systems Security) controls:
| COBIT Control | How LiquidFiles Satisfies It |
|---|---|
| DS5.3 — Identity Management | All users require accounts with authentication. Group-based access rights. LDAP/Active Directory and SAML 2.0 integration. |
| DS5.4 — User Account Management | Web-based user management. LDAP/AD group synchronisation — changes are automatically reflected. |
| DS5.9 — Malicious Software Prevention | Built-in anti-virus scanner with automatic updates. Custom verification scripts can be added. |
| DS5.10 — Network Security | Secure-by-default with host-based firewall configured to permit only required access. |
| DS5.11 — Exchange of Sensitive Data | HTTPS with 256-bit encryption. 448-bit total entropy for download links (128-bit message + 128-bit filelink + 128-bit download key + 64-bit token). Full download receipts with geo-location. |
The PCI Data Security Standard covers security requirements for the payment processing industry. LiquidFiles addresses the following requirements:
| Requirement | How LiquidFiles Satisfies It |
|---|---|
| Install and maintain a firewall to protect cardholder data | Built-in Linux firewall restricts connections to required functions only. |
| Do not use vendor-supplied defaults for passwords | No default passwords. Console access disabled by default. |
| Encrypt transmission of cardholder data across public networks | Industry-standard HTTPS with up to 256-bit symmetric encryption. |
| Assign a unique ID to each person with computer access | LDAP/Active Directory integration for centralised user provisioning. |
| Track and monitor all access to network resources | Complete logging of all uploads, downloads, logins, and partial downloads. Syslog forwarding available. |