HIPAA Compliance

Find out how managed file transfer software can avoid data breaches
and ensure HIPAA compliance is maintained at all times.





Maintaining HIPAA Compliance with Diplomat MFT

Keeping protected health information (PHI) safe is more than just a business imperative—it is a legal requirement. As a practical matter, data protection is important to maintaining brand trust and avoiding costs associated with a data breach. On average, costs associated with a data breach are $4.35 million, but healthcare organizations average $10.10 million. Included in that figure are fines under various laws requiring that organizations protect private information.

Depending on where your organization operates, different regulations apply, including:

  • U.S. – Health Insurance Portability and Accountability Act – (HIPAA)
  • Canada – Personal Information Protection and Electronic Documents Act – (PIPEDA)
  • EU – General Data Protection Regulation – (GDPR)

These laws mandate that organizations responsible for collecting and managing PHI keep that data safe, both when in storage and when transferring it between entities.

Diplomat MFT can play a vital role in your data privacy and information security program for managing PHI. By automating critical elements of the secure file transfer management process—like encryption, scheduling, and notifications—Diplomat MFT makes it easy to establish secure workflows to send, receive, host, and retrieve PHI as well as related data like patient insurance and financial information.

Many healthcare services providers, including some of the largest entities in the U.S., already trust Diplomat MFT to keep their PHI and other mission critical data safe. You can trust us, too. And unlike many of our competitors, we are ethically priced, so you’ll save money while keeping patient and customer PHI safe. Download a free trial to see for yourself; or contact us with any questions and for a no obligation demonstration.

Arrange a no-obligation demonstration

Case Studies

Diplomat MFT Software in Action: Molina Healthcare

Molina Healthcare needed to centralize secure file transfers with a solution that would integrate into their existing IT infrastructure. Diplomat MFT software simplified management of secure file transfers while meeting HIPAA compliance requirements.

Diplomat MFT Software in Action: CHRISTUS Health

CHRISTUS Health needed cost-effective, high-availability Managed File Transfer software to demonstrate compliance with HIPAA and other mandates. Diplomat MFT software centrally controls Managed File Transfer and reduces file transfer problems.

How to Comply with HIPAA/HITECH

The Health Insurance Portability and Accountability Act (HIPAA) established national standards for the security of electronic health care information with both civil and criminal penalties for non-compliance by covered entitles, such as hospitals or physician practices. The HITECH Act of 2009 extended these penalties beyond covered entities to their business associates and established more rigorous enforcement policies.

{We are using the application to transfer ACH files to the banks. We also really like the ease of implementation and the great support we got from the team at Coviant.
Dennis C. Sr Busines Analyst in US
"Easy to Use with Great Customer Support"
{Ease of use - Efficient - Adapts to different industries - Friendly teamThis software allows me to sleep at night, trusting that all of the files I send with sensitive information will be secure!
Verified Reviewer
"Powerful Program!"
{We're using Diplomat to move PGP encrypted payment files to various banking providers using SFTP. Nice browser interface. Templated workflows to simplify SFTP and PGP automation. Best priced solution for the functionality provided.
John A, Director in UK
"Managed file transfer software at a reasonable price"
{Very easy to use, great customer service, and does everything we need it to do. Everything is as expected. I do not have anything that I dislike about the product.
Kyle M. Systems Administrator in US
"Very easy to use & great customer service"
{Helped consolidate all file transfers using various other tools and automate manual activities into one centralized enterprise MFT. Support has been outstanding with product.
Sr Manager EDI/Encounters in US
5 Stars for Diplomat MFT
{We used Coviant Diplomat to send Secure file transfer to Bank and receive back acknowledgment files. With the help from Software Engineer, the initial set up was rather quick. The stabilization period took a bit of time to work through all the different scenarios. Overall, it is a quality and cost-effective option for our purpose.
Sr. Manager, SAP/ERP Applications in Canada
"Cost effective option to automate Secure file transfer"
{Coviant does a great job supporting their product. That is increasingly rare these days. Of all of the products we use in our enterprise Diplomat is one we can get immediate support for in the event that we have any questions or issues.
Scott J. Sr Engineer, Applications in US
"Excellent Customer Support & Responsiveness"
{Coviant does a great job supporting their product. That is increasingly rare these days. Of all of the products we use in our enterprise Diplomat is one we can get immediate support for in the event that we have any questions or issues.
Sr Engineer, Applications in US
"Excellent customer support & responsiveness"
{Kicked the tires with the trial version. Liked what I saw. Liked that Coviant was there every step of the way to answer questions. Customer Support is handled by the company, not outsourced.
Principal in US
"Strong Feature Set, Great Value"
{Our client didn't want to be in the position of having unsupported software for too long and it's almost been six months since RepliWeb's End of Life and end of support for that software. We had a great experience from the first initial call. It was refreshing to deal with a team that were honest but confident in their solution. They always had time to answer our questions and would update us about the development of v9.1.
Sean Mullins, Director
"Ideal RepliWeb MFT Replacement"

HIPAA Compliance

The Health Insurance Portability and Accountability Act (HIPAA) established national standards for the security of electronic health care information with both civil and criminal penalties for non-compliance by covered entitles, such as hospitals or physician practices.

File Transfer Protocols

Supports All Major Transfer Protocols


PGP Encryption

Best In Class PGP Automation

Encrypt, decrypt, sign or verify encrypted files with a simple checkbox

Workflow Triggers

Comprehensive Source File Selection And Triggers

Transfer the right files the first time by selecting by name patterns, dates, sequence numbers, all with support for trigger files for the whole batch or per-file. Specify the order files should be transferred, including time-based or alphabetically.

Remote Agents

Transfer Files Using Remote Agents

Send files to or from branch locations or partner sites using built-in OpenPGP authentication and encryption, checkpoint restart, and checksum file integrity checking


Diplomat can synchronize that source directory structure to any number of destinations. Those destinations are often installations of the Diplomat Remote Agent, offering extensive control, very strong security, and a high level of confidence with SHA-256 checksum integrity validation. 

Cloud Integration

Connect To A Range Of Cloud Storage Providers

Amazon S3, Microsoft Azure, Box, Citrix ShareFile, Dropbox, Google Cloud, Oracle Cloud and more

Enterprise Scheduler

Enterprise Class Scheduling And Folder Monitoring

Schedule jobs down to the minute, including Calendars for exclusions, execution time windows and more, or monitor any accessible shared folder


Control Diplomat MFT Using Its REST API

Initiate, terminate, and monitor file transfer jobs and more from app servers or using your DevOps tools or enterprise job management platforms

Secure & Efficient

Secure And Operationally Efficient

Simple interface with options for full alerting, auditing, multi-role administration, file archiving, and extensive logging combine to make operational management pain-free

Why do all School Buses Look the Same? (TL;DR: Standardized = good)

When things are standardized, operations are safer, easier, and more cost effective.

Automating and Securing HR Data Transfers to AbsenceSoft

One of the many things I love about my job is hearing from our customers how Diplomat MFT helped them solve a data management and compliance problem. Turns out there are a lot more ways secure, managed file transfer can help organizations interact with customers and...

Coviant Software: Your Trusted Partner for HIPAA Compliance

The Health Insurance Portability and Accountability Act (HIPAA) was passed in 1996 and is one of the first regulations to apply specifically to securing a type of information we now know as protected health information (PHI) in electronic or digital form, both when...

With Diplomat MFT, CitiConnect Compliance is as Simple as 1-2-3

One of the big advantages of a well-built, commercial, secure managed file transfer (MFT) solution compared to an in-house, DIY approach, is an architecture with broad support for integrations and protocols that enable interoperability with other organizations. Many...

Frequently Asked Questions

How does Diplomat MFT help clarify issues of data provenance when information is transferred and stored in a third-party cloud service like AWS, Google Cloud, and Azure?

Data provenance (also known as data ownership or stewardship) is especially important for maintaining regulatory compliance regulations like GDPR, where data created within one country cannot leave those borders. Cloud services, like AWS and Azure, provide features and controls around the location of data that is stored, but care must be taken to ensure misconfigurations don’t result in data being sent to the wrong place and that other connected systems aren’t taking data and moving it where it should not be. That’s why Diplomat MFT with workflow and encryption automation is important to minimize the opportunity for human error as part of a security and compliance strategy for regulations like HIPAA, GDPR, PIPEDA, etc.

How does Diplomat MFT help ensure files are sent to the right place, and does Diplomat MFT alert the user if an error occurs, or a mistake is made?

When Diplomat MFT uploads a file, the encrypted protocol provides integrity checking of data packets, so it knows that the file arrived unmodified at its destination.  We can further enhance that by encrypting the file before it is sent to the recipient, ensuring that it is both encrypted onlyfor that recipient, and that we digitally signed the file so the recipient verifies the sender and that the file has not changed.

Once a file is delivered to a recipient, it is completely out of our control.  But Diplomat MFT keeps both audit records and copies of the files in archive to protect the sender if the recipient alters the contents of the file (intentionally or accidentally). By cross-referencing Diplomat MFT archived data, the sender can protect itself by proving what was delivered.

HIPAA makes provision for sending PHI to patients who are not likely to have means of secure receipt or may not support encryption, provided the documents are protected to the point of receipt. Can Diplomat MFT do that?

Yes. Diplomat MFT encrypts files with OpenPGP and also encrypts transmissions using the SFTP (and also HTTPS and FTPS) protocol, so even if the recipient’s systems are not secure, the sender is able to comply with their part of HIPAA. What’s more, Diplomat MFT also supports secure fax by retrieving PDF files from back-end systems or via file share, and putting them into the proper location for the secure faxing software to take over.

Does Diplomat MFT protect PHI when mobile devices are used to share them?

Diplomat MFT is not (yet) a mobile application. However, if mobile devices are used for sending data to IT systems in a hospital, medical lab, dentist office, or other healthcare environment, Diplomat MFT can play a role in automating file transfers from that point forward (or when bringing data from external sources into those IT systems).

Why Demo Diplomat MFT?

Our Demos are designed to allow you to see the capabilities of our software as well as ask any questions and confirm that Diplomat MFT will meet the needs of your business.

Schedule a Demo