Guides/Medicine

File encryption for doctors: HIPAA-grade, at rest

HIPAA names AES-256 as an acceptable at-rest control. Elba applies exactly that to a folder on your own machine, from inside your browser.

Scope

Elba is appropriate for the personal / secondary storage layer — research notes, personal reference files, drafts. It is not a replacement for a HIPAA-compliant EHR.

Compliance posture

Compliance is a combination of technical controls and written policies. Elba delivers the technical primitive; your practice provides the policy wrapper.

Questions people actually ask

Does Elba sign a BAA?
Elba is a local tool; the publisher never touches your files, so a Business Associate Agreement doesn't apply in the usual sense.
Is 256-bit AES-GCM enough?
It is the standard the regulation references and what modern cloud providers use themselves.

Take the island

Elba is one HTML file. It runs locally in a Chromium browser, seals a folder with AES-256-GCM, never phones home, and becomes open source on 1 January 2030.

  1. €49MMXXVI· now ·
  2. €39MMXXVII2027
  3. €29MMXXVIII2028
  4. €19MMXXIX2029
  5. FreeMMXXX2030

the price falls each year · free to all 1 jan 2030

pay once · no account · nothing leaves

Related guides