Guides/Medicine
File encryption for doctors: HIPAA-grade, at rest
HIPAA names AES-256 as an acceptable at-rest control. Elba applies exactly that to a folder on your own machine, from inside your browser.
Scope
Elba is appropriate for the personal / secondary storage layer — research notes, personal reference files, drafts. It is not a replacement for a HIPAA-compliant EHR.
Compliance posture
Compliance is a combination of technical controls and written policies. Elba delivers the technical primitive; your practice provides the policy wrapper.
Questions people actually ask
- Does Elba sign a BAA?
- Elba is a local tool; the publisher never touches your files, so a Business Associate Agreement doesn't apply in the usual sense.
- Is 256-bit AES-GCM enough?
- It is the standard the regulation references and what modern cloud providers use themselves.
Take the island
Elba is one HTML file. It runs locally in a Chromium browser, seals a folder with AES-256-GCM, never phones home, and becomes open source on 1 January 2030.
- €49MMXXVI· now ·
- €39MMXXVII2027
- €29MMXXVIII2028
- €19MMXXIX2029
- FreeMMXXX2030
the price falls each year · free to all 1 jan 2030
pay once · no account · nothing leavesRelated guides
- File encryption for therapists and counsellors
Session notes are the most sensitive files most therapists keep. A small, offline, one-time-purchase way to seal them.
- An encryption tool for sensitive documents that fits on a USB stick
Contracts, medical notes, client files. A small, offline encryption tool for sensitive documents — one HTML file, one password.
- Elba vs Tresorit: team cloud vs personal folder
Tresorit is enterprise-grade encrypted collaboration. Elba is a solo, offline folder fence. Two categories, briefly compared.