PHI-compliant Cloud Storage and Online Backup Service
eazyBackup is a privacy-focused Canadian ePHI-compliant cloud storage provider. On request, eazyBackup will provide a signed information manager agreement for its users.
- We provide built-in end-to-end encryption that cannot be disabled
- Only you can access your data. We can’t access your data and no one else can either
- 100% Canadian owned cloud storage located in Canada, meet you provincial healthcare compliance such as PHIPA
About Data Security
eazyBackup software always encrypts all user data before sending or storing it, using strong AES-256-CTR with Poly1305 in AEAD mode with high-entropy random keys. The user’s password is used to derive two 192-bit keys via PBKDF2-SHA512, with hard-coded parameters for repeatable output.
Your data at rest:
When eazyBackup sets up a Storage Vault for the first time, it generates two high-entropy random keys (the 256-bit “A” and 128-bit “E” keys). All user data in the Storage Vault is stored encrypted with the A-key using AES-256 in CTR mode, and authenticated using Poly1305 in AEAD (encrypt-then-MAC) mode. The only party with the decryption key is your company/the backup user. This ensures total privacy of the ePHI data.
Physical Location of the Data
eazyBackup is based in Saskatoon, SK and operates from Sasktel's Tier III SOC2 Certified Data Centre, which is certified by KPMG and the Uptime Institute.
The Data Centre is protected with 24/7 onsite bonded security personnel and CCTV cameras monitoring access and infrastructure.
Access to the Data Hall within the Data Centre is governed by strict security policies. Access is controlled with biometric scanners in conjunction with key-card access. Physical entry is electronically secured and physically monitored.