I am not a legal advisor, but I highly recommend against you using DropBox. It is not designed to be compliant to HIPAA standards, and allows your staff to easily access data in an unprotected way from home.
The limitation has mostly to do with the AFP that is being used for the file shares. You may have success sharing your folders via WebDAV (listed as sharing to iPads/iOS in Server.app) which uses an HTTPS protocol, or by sharing via SMB. You can also enable NFS sharing via command line.
If you are looking for a cloud-based file sharing solution, I would be sure to find one that uses some sort of encryption for data transmission as well as data storage.
Sharing machines across different clients with short login/logout has also caused me a problem. The AFP protocol creates the mount point with the ownership of the mount creator and hence can't be shared across clients. Wish there was a way to allow multiple users access the shared resource via AFP. I am having problems even for read access.