A healthcare company in the US needed a way for customers and other healthcare providers to send them supporting documents. Knowing that email wasn’t secure enough, they were looking for a HIPAA-compliant solution that could securely receive files into a Google Workspace folder for a staff member to review.
But receiving the documents in a secure way was only part of the problem. Ideally, customers themselves could also upload documents like proof of identity. In these cases when customers would be the ones sending these files, the company needed to reassure them that they were in the right place and that their data would be secure.
The company had already researched some solutions and was already using AWS for other purposes. They came to the conclusion that AWS could work for their use case, but it would require building a custom application, which would be costly and time-consuming to implement and manage.
HIPAA regulations meant they couldn't just email files or use basic cloud sharing. They needed secure, encrypted transfers that could be audited with clear reporting data to meet compliance.
While they'd found a few solutions that could solve part of the problem, they wanted an all-in-one platform that could not only handle these specific scenarios, but also other secure transfers between cloud storage platforms they might need in the future.
The company discovered Couchdrop through the page SFTP for healthcare and booked a call to check for HIPAA compliance and to make sure that Couchdrop was suitable for the specific use case. They learned that there were multiple options that could accomplish their goal.
One option was to create SFTP users for customers that could only upload files to a specific folder. While this option would work well for receiving files from other providers, it wasn't feasible for direct customer uploads, both logistically and from a technical standpoint.
The better solution for customer uploads was upload links. The problem was that the default portal had no indication that customers were in the right place. Fortunately, the upload portal can be white-labelled with custom branding, and once the company saw that they could use their own logo and colours, they knew it would instill trust and would be suitable for customer uploads.
Couchdrop became a simple, all-in-one solution for both provider-to-provider transfers via SFTP, and for customers to securely upload documents into cloud storage where staff members could review them. The new process eliminated processing bottlenecks, while being simpler and more secure than their previous methods, helping to save time and ensure the company met HIPAA compliance for their file transfers.