Link to home
Start Free TrialLog in
Avatar of jdana
jdanaFlag for United States of America

asked on

RC4 HIPAA-Compliant

A client wants to send me some medical records on which I'll conduct a budgetary analysis.  The data-transfer must be HIPAA compliant.  The client has suggested SFTP or PGP over FTP.  They insist that they push the data to my FTP server.  Presently, I don't have an FTP server set up.  I could do it, but there's got to be an easier way.  It's only one batch of data, after all.  Their data is currently in a CSV format.  I'm looking at the Security tab in Excel (2003) as a possible solution.  Under the Advanced options, there are all sorts of "RC4 encryption" options.  If they saved their CSV data as an XLS file and then encrypted it using, for example, 128-bit "RC4, Microsoft Strong Cryptographic Provider" would a simple email containing this email be HIPAA compliant?
ASKER CERTIFIED SOLUTION
Avatar of Dave Howe
Dave Howe
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of jdana

ASKER

Dave, I couldn't have asked for a more thorough response.  Thank you.