Frequently Asked Question: FAQ:

Is it safe to store patient data on OneDrive?

Other FAQs


Many healthcare organizations are already using Microsoft Office 365 Business Essentials, including exchange online for email. Office 365 Business Essentials includes OneDrive Online, which is a convenient platform for storing and sharing files.

Microsoft OneDrive offers HIPAA-compliant secure storage option, and while HIPAA is a US-based standard for protecting patient privacy, it is viewed by many around the world as the gold standard in patient privacy regulation. Given Microsoft offers a HIPAA-compliant secure storage option, it means OneDrive, in conjunction with PicSafe, can use used to help you comply with HIPAA and HITECH. Please see the Microsoft and HIPAA and the HITECH Act page on their website for more detailed information.

Microsoft is, however, a US company and, hence, raises the issue of data sovereignty.

According to the Microsoft website, OneDrive for Business stores the data of customers in one of many data centers around the world. Check the website to see they would store it for your country. Technically speaking, then, it sounds like you can use OneDrive if they store data in your country.

The "Office 365 Business Essentials" plan, may be all you need. That gives you 1TB of storage which should be enough for roughly 200,000 photos. If you require more storage space, you can upgrade to various paid plans.