Google Drive is a popular program that has been around for a number of years now, allowing for organized storing of Google Docs, photos, email attachments, etc. A powerful (and free) tool, Google Drive is a strong choice for storing and sharing information. While great for individuals, how does Google Drive work for larger businesses? For many businesses, industry compliance is a major concern that needs to be considered when choosing a medium for storing and sharing documents. Many wonder if using Google Drive for saving and sharing confidential information meets guidelines set by the Securities Exchange Commission (SEC) and HIPAA.
While it is possible to maintain compliance with organizations like the SEC and HIPAA using Google Drive, it becomes evident this was not Google Drive’s original intent, and trying to maintain compliance becomes tedious.
Google is not set up to be automatically compliant. Businesses must determine if they are governed by SEC and HIPAA policies individually and take steps to modify their Google Drive account from there. It is possible for businesses to start storing information on Google Drive in a way that is not in compliance with regulatory standards, and Google won’t catch it for you. Individuals and businesses must configure Google’s viewing and sharing features to make them confidential, so that only authorized individuals will have access to certain documents.
Google Drive security offers some services that allow you to securely store confidential information, but in order to do this, Google requires the business to sign and fill out a Business Associate Agreement. This agreement will encompass all parts of the Google Platform, including Google Drive, Calendar, Gmail, Sites, and Apps.
What does this mean for consumers? It means that some businesses that deal with confidential information and use Google Drive to store it may be in compliance, but there is no guarantee. If they have filled out and forgotten about the Business Associate Agreement, this information could be passed back and forth to be viewed by unauthorized individuals.
Why Is Security So Important?
The SEC has placed certain laws in effect that help to protect individuals by forcing organizations that store personal information to meet certain standards. Businesses that obtain your personal information must follow these laws in order to ensure that you and other authorized personnel are the only ones who have permission to see the information.
A good example of this is when you go in to visit the doctor. Your doctor will keep track of your vitals, some of the questions you have, and anything new that might come up during the checkup. This information must be kept confidential. The doctor cannot go to their colleague and discuss what occurred unless they are transferring your file over for a second opinion. The nursing staff cannot sell your information to insurance companies to make some money on the side. Only authorized personnel have access to this information. When a slip-up occurs, the offending business may be fined or individuals may be temporarily suspended.
A Better Choice
A better option to use if your business wishes to become SEC and HIPAA compliant is eFileCabinet. eFileCabinet was originally designed to meet all of the requirements for SEC, HIPAA, and FINRA privacy and can take the work out of figuring things out on your own. Our support team is here to help all our customers set up SEC-compliant systems so you can serve your customers in the best way possible. This system is much easier to use, can keep all of the personal information you need to store secure, and with a helpful support staff around to be your guide, you can be well on the way to a happy relationship with eFileCabinet without worrying about following the laws.
In eFileCabinet documents can be locked down and permissions given to only appropriate individuals and departments through role-based securities. When an employee is terminated, permissions can be immediately changed and the former employee locked out. No need to re-key cabinets and offices to protect your valuable data, or to go in manually to remove a Google account from the “can view or edit” on the Drive. Permissions can also be applied to individual documents within a cabinet or drawer for individuals or departments. They can be changed quickly and intuitively, with minimal notice, as the situation dictates.
All of the information stored with eFileCabinet is protected with 256-bit encryption. 256-bit encryption is extremely secure, about 2,000 times more secure than the standard 128-bit encryption, which many banking websites use. We also use SSL (secure sockets layer) encryption, a security protocol which protects confidential information sent between a web client and a server. eFileCabinet’s data centers are SAS (statement on auditing standards) 70 Type II certified, meaning that our network infrastructure and security has met rigorous safety and security standards. eFileCabinet’s commitment to data security also makes it very easy for users of our products to meet industry compliance standards set by organizations like HIPAA, FINRA, and the SEC.
To learn more about how eFileCabinet can help you organization maintain compliance and preserve confidentiality, fill out the form on this page for a 15-minute demo.