Submit a ticketCall us

AnnouncementsAre You “Flying Blind?”

When it comes to your complex IT infrastructure, you want to ensure you have a good grasp of what’s going on to avoid any fire drills that result from guesswork. Read our white paper to learn how proactively monitoring your IT environment can help your organization while giving you peace of mind.

Get your free white paper.

Home > Success Center > Serv-U Managed File Transfer & Serv-U FTP Server > Serv-U - Knowledgebase Articles > HIPAA complient document for Serv-u

HIPAA complient document for Serv-u

Table of contents

Updated March 27, 2017


HIPAA based compliancy is about putting in place well defined policies, procedures and practices with required levels of oversight across their organization — specifically, that you are monitoring unusual system activity, authorized and unauthorized system configuration changes and user access levels.
There is no specific document that qualifies HIPAA. However, there are several areas and practices Serv-U can follow that help live under their defined or HIPAA guidelines. Some of this information references other compliance but the concepts of protecting and auditing apply across the compliance board.


all Serv-u MFT versions


Serv-U has User and Group Statistics (Auditing & Reporting).

Serv-U uses FIPS 140-2 validated cryptography, and have earned a rare Certificate of Networthiness (CoN) from the U.S. Army.
Serv-U Gateway component is engineered to ensure that no data is ever stored in the DMZ, and that no connections are ever made from the DMZ into an internal network. When used with Serv-U, Serv-U Gateway meets or exceeds requirements in PCI DSS 2.0, HIPAA, SOX (Sarbanes-Oxley), PIPEDA and many other regulations and policies.

Future proofing Serv-U
For reference on how to deploy Serv-U to meet PCI DSS 3.2 requirements see FTP Server PCI Compliance.


Disclaimer: Please note, any content posted herein is provided as a suggestion or recommendation to you for your internal use. This is not part of the SolarWinds software or documentation that you purchased from SolarWinds, and the information set forth herein may come from third parties. Your organization should internally review and assess to what extent, if any, such custom scripts or recommendations will be incorporated into your environment.  You elect to use third party content at your own risk, and you will be solely responsible for the incorporation of the same, if any.


Last modified