How do I provide a truly secure FTP site for my client to upload files with sensitive data (PHI - Personal Health Information, as referred to by HIPAA)?
I currently only have a Launch account, but will upgrade as necessary to provide a secure FTP site. All I've used up to now is email, so I'm not even sure whether someone can upload a file to my site anyway, so I need to know how that works as well. I am wondering if your article saying to just running it through TLS or SSL to make it secure (like when using FileZilla) is enough?