# Cloud Storage and Online Backup Service for Protected Health Information eazyBackup is a privacy-focused Canadian ePHI-compliant cloud storage provider. On request, eazyBackup will provide a signed information manager agreement for its users. * We provide built-in end-to-end encryption that cannot be disabled * Only you can access your data. We can’t access your data and no one else can either * Canadian data residency comply with Canadian data privacy laws such as PHIPA, PIPA, HIA etc. ### Data Residency eazyBackup provides cloud storage services from our data center in Ottawa, ON, ensuring that your data remains within Canadian borders. Access to the data hall is governed by strict security policies. Access is controlled with biometric scanners in conjunction with key-card access, ensuring only authorized personnel can enter. Physical entry is electronically secured and continuously monitored to guarantee the highest level of security for your data. ### Controlled Goods Program (CGP) Registered Additionally, our security policies and procedures are routinely reviewed by the Controlled Goods Program (CGP). The CGP requires us to follow specific protocols ensuring that our employees meet strict security criteria and adhere to rigorous access controls. In addition to staff protocols, the CGP also ensures that our data is stored securely and that our cabinets and data center meet specific security requirements. {% embed url="" %} ### Data Encryption Our cloud backup software always encrypts all user data before sending or storing it, using strong AES-256-CTR with Poly1305 in AEAD mode with high-entropy random keys. The user’s password is used to derive two 192-bit keys via PBKDF2-SHA512, with hard-coded parameters for repeatable output. [Data Encryption – Understanding Our AES-256 Encryption & Key Management](/documentation/data-encryption-understanding-our-aes-256-encryption-and-key-management.md) #### **Your data at rest:** When the eazyBackup software creates your Storage Vault for the first time, it generates two high-entropy random keys (the 256-bit “A” and 128-bit “E” keys). All user data in the Storage Vault is stored encrypted with the A-key using AES-256 in CTR mode, and authenticated using Poly1305 in AEAD (encrypt-then-MAC) mode. \ \ The only party with the decryption key is your company/the backup user. This ensures total privacy of the customer data. *** [eazyBackup](https://eazybackup.com) --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.eazybackup.com/faqs/cloud-storage-and-online-backup-service-for-protected-health-information.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.