Secure medical record transfer
Send patient records, imaging, and clinical documents with client-side AES-256 encryption, EU hosting, optional OTP-verified delivery, and automatic expiration — built for the confidentiality requirements of health data under GDPR.
Confidential by default
Files are encrypted in the browser before upload. In passwordless mode the decryption key never reaches our servers, so we cannot read patient data — only your recipient can.
Kept in the EU
Record data is stored exclusively in the European Union (Supabase Storage & OVHcloud Paris), avoiding cross-border data transfers that complicate GDPR health-data processing.
Auto-expiring
Transfers expire automatically (24h by default, up to 72h on the free tier), and a cleanup job purges expired files from storage every 10 minutes — limiting how long sensitive data exists at rest.
How beTransfer maps to health-data requirements
The platform provides technical and organizational controls that correspond to common requirements for processing health data. This is a technical mapping, not a legal certification.
| Requirement | How beTransfer addresses it |
|---|---|
| Confidentiality of health data | Client-side AES-256-GCM encryption; decryption key stays with sender/recipient in passwordless mode (zero-knowledge). |
| Data residency in the EU | File storage and database are EU-hosted (Supabase + OVHcloud Paris). No file-content replication outside the EU. |
| Recipient authentication | Verified delivery requires a one-time passcode (email, SMS, or crypto challenge) before the recipient can download. |
| Storage limitation | Automatic expiration with a cleanup job running every 10 minutes; manual deletion available to the sender at any time. |
| Integrity & tamper detection | GCM authenticated encryption detects ciphertext modification on decryption, rejecting tampered files. |
| Secure transport | HTTPS/TLS with HSTS preload for all traffic. |
| Access logging | Download events are logged and retained for 30 days for audit, then purged. |
Compliance note: beTransfer.eu provides security controls suitable for sensitive transfers but is not a medical device or a HIPAA Business Associate offering. Entities regulated by HIPAA, the EU GDPR health provisions, or national health-data laws should confirm with their own compliance team that these controls satisfy their specific obligations before processing patient data.
Send a medical record in three steps
- Add the file & choose encryption
  Select the record (PDF, DICOM zip, imaging, lab report) in the upload area. Client-side end-to-end encryption is enabled by default — the file is encrypted in your browser before it ever leaves your device.
- Set expiration & verified delivery
  Choose how long the link stays valid (24h default, up to 72h on the free tier). Enable verified delivery to require an OTP (email, SMS, or crypto challenge) from the recipient before download is permitted.
- Share the link securely
  Send the share link to your recipient. The decryption key lives in the URL fragment, which servers never receive — so the link itself is the key. The transfer auto-expires and is deleted from storage on schedule.
Medical record transfer — common questions
Is beTransfer.eu suitable for sending medical records?
beTransfer.eu provides technical controls that support secure medical record transfer: client-side AES-256-GCM encryption, EU hosting, OTP verified delivery, and automatic file expiration. Organizations subject to HIPAA or other health-data regulations should confirm with their own compliance team that these controls meet their obligations.
Are medical files encrypted end-to-end?
Yes. Files are encrypted in the browser before upload using AES-256-GCM. In passwordless mode the decryption key stays in the URL fragment and is never sent to the server, so beTransfer.eu cannot read file contents.
Where are uploaded medical records stored?
File data is stored exclusively within the European Union, using Supabase Storage for files up to 50 MB and OVHcloud Object Storage in Paris, France, for larger files.
How long are medical records kept?
Transfers expire automatically — 24 hours by default on the free tier (up to 72 hours). Expired files are deleted from storage every 10 minutes. Senders can also delete a transfer manually at any time.
Can I require the recipient to verify their identity?
Yes. Verified delivery lets you require a one-time passcode via email, SMS, or a crypto challenge before the recipient can download. This adds an authentication layer on top of the share link.
What file types and sizes are supported?
Allowed file types are defined by a MIME-type allowlist (PDFs, images, documents, archives, video, audio, and more). On the free tier, transfers up to 200 MB are supported. See the upload page for the current list of accepted types.
Send patient records the secure way
Encrypted in your browser, hosted in the EU, expired automatically. No account required to start a transfer.