Bitdefender GravityZone and HIPAA
Bitdefender is Health Insurance Portability and Accountability Act (HIPAA) certified to satisfy the requirements of HIPAA Security Rule and the requirements of HIPAA Breach Notification Rule as formalized by the Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009 and the Omnibus Rule of 2013.
Our security controls are audited each year following Health Insurance Portability and Accountability Act provisions. The first page of the report is available here and the full report can be obtained upon request.
Bitdefender also has in place specific privacy policies for business solutions. Bitdefender's privacy policies are available here.
GravityZone Cloud solution
GravityZone Cloud is an enterprise security solution with a unified management console that is hosted by Bitdefender. GravityZone provides a single point for deploying, enforcing, and managing security policies for any number and any type of endpoints in any location.
Bitdefender does not directly receive, store, process, or transmit electronic protected health data (ePHI). As a provider of software-as-a-service (SaaS) security services, Bitdefender offers security capabilities to its customers, and the customers may implement those services in their own ePHI environment. The organization does not manage or store any customer ePHI, and telemetry data is transmitted via Transport Layer Security (TLS) protocol to Bitdefender.
To be in line with HIPAA regulations, please make sure you do not submit files that may contain electronic protected health data (ePHI) to Sandbox Analyzer or other Bitdefender services for additional analysis.
Legal notice
Please be advised that it is entirely your responsibility to check your compliance with any piece of legislation, including HIPAA, and by presenting the above information Bitdefender expressly disclaims any and all liability regarding your compliance with HIPAA and your conduct in relation to HIPAA or any other legal requirements you may be subjected to. For the avoidance of any doubt, by using Bitdefender Solutions, including GravityZone, Bitdefender does not warrant in any way your compliance to any piece of legislation, including HIPAA. The above does not represent legal guidance and you are encouraged to seek legal advice with respect to the above or any other legal related topic.