× Home Secure Cloud Hosting Secure Server Hosting Secure Email Hosting HIPAA Compliance Web Development Mobile Development UI / UX Design About Contact
Rebel Webmail Rebel Control Panel WebSmith Mail Portal

HIPAA Compliance Bundle Features:

data encryption

Protection of data at rest is one of the requirements paramount to HIPAA compliance. Our solutions deliver a military grade encrypted file-system on all the servers to ensure ePHI data stays private. In addition we configure all services where possible to use SSL/TLS protocols for maximum security.

intrusion detection

Included with every server is Symantec.cloud endpoint protection system that continually monitors the server file system and the server network stack for intrusions and malware. The IDS monitors your servers and alerts our staff to any abnormal changes or intrusions based on the real-time threat detection network.

managed backups

The multi-layered backup system is there for your protection. Data stored on your servers is encrypted and stored in a backup repository to prevent accidental data loss. Should there be a need, it is possible to restore any file to a specific point-in-time state. We manage and configure all of this for you.

log management

Log files from critical services are collected and stored for further analytic processing. In addition, we can provide licensing and configure weblog analytic software packages that automate the reporting and compliance process.

minimum access

Access controls are always defaulted to no access unless overridden manually. Default server accounts are disabled, remote management services and ports are blocked by default.

access tracking

All access requests, changes of access, and access approvals are tracked and retained.

phi segmentation

The stored PHI data is segmented both logically and physically by separating back-end database/storage server from the front-end HTTPs servers. This separates publicly accessible sites/api from the data storage.


All network requests are logged, along with all system logs. PHI HTTP/HTTPS requests (GET, POST, PUT, DELETE). Additionally, alerts are proactively sent based on suspicious activity. In addition the key protocols and services are monitored by our NOC for faults and errors.

business associate agreement

We are fully committed to providing your organization with a signed BAA as required in the HITECH Act and recent Omnibus Rule changes. Our goal is to ensure your organizations hosted applications services are fully complaint.


HIPAA Regulations and the Health Information Technology for Economic and Clinical Health Act “HITECH Act” layout a broad spectrum of requirements for businesses and computer systems storing or transmitting electronic private health information “ePHI”.

Under HITECH, mandatory penalties will be imposed for "willful neglect." Obviously what "willful neglect" means will be determined on a case-by-case basis, but speaking in the parlance, we believe that an organization that handles ePHI and does not comply with the requirements can face penalties up to $250,000, with repeat/uncorrected violations extending up to $1.5 million.

That is why Rebel developed the HIPAA compliance hosting bundle that's engineered to cover all HIPAA/HITECH Act requirements for organizations that handle ePHI. We make HIPAA compliance easy and provide a signed BAA with our managed hosting service.

Contact us today for more information