Data In Motion: Secure Your Organization ' s Information
As the United States healthcare system continues to procedure toward Electronic Health Records ( EHR ) in compliance with the Health Information Technology for Economic and Clinical Health ( HITECH ) Act of 2009, questions about security of information project to be addressed. The US Health Insurance Portability and Affliction Act ( HIPAA ) have need rigorous care in the account of unharmed health information ( PHI ).
One of the benefits of electronic records is the ability to quickly transmit data across the country or around the world. Whenever safe health information ( PHI ) is being transmitted electronically to a third party via email, FTP or other model of communication, it is considered " data in motion. " The National Institute of Standards and Technology ( NIST ) and HIPAA direction that the movement of PHI via electronic means must engage with their standards for security. Unfortunately, it is far too easy for unsecure wares to be breached and identifying information used in malicious ways. HIPAA and NIST are concerned that good practices are empitic and that important patient information is unharmed.
Further, the HITECH Act ( ARRA ) of 2009 unbefitting the guidance of the Department of Health and Human Services ( HHS ) has outlined a " safe harbor " in which breached information does not need to be reported. Essentially, if PHI is profitless, hieroglyphic or scribbed to unauthorized individuals, covered physicians and hospitals will not be theory to HITECH ' s crack tip requirements. Encryption and finis are two options for saying PHI ineffective, illegible or indecipherable to unauthorized individuals.
PHI is exact encrypted if an algorithmic process has been used to diagram the freight essentially unintelligent without the use of a familiar process or key. For " data at uphold " ( stored on databases and train systems ), the NIST has different requirements and guidelines than for " data in motion. "
Some companies offer a customizable achievement for hospitals and diagnostic practices that meets and exceeds the NIST standards for protecting " data in motion. " They also offer encryption that allows your metropolitan hospital or rural community clinic to take advantage of the Safe Harbor Rule and exempts your organization from having to report a breach to HHS.
Currently, the biggest threat to HITECH compliance is protection of PHI en peregrination across the country or around the world via email, FTP or other electronic profile of communication. A big rate of breaches that have started occurred involve some type of information moving from one entity to in addition. Protect your healthcare organization with software approximative as Encrypt - A - Note and nail down your " data in motion " needs are met.
No comments:
Post a Comment