HIPAA
Doctors, pharmacists, medical centers,
insurance companies, laboratories, and other members of the healthcare
industry have become increasingly concerned with HIPAA,
the Health Insurance Portability and Accountability Act of 1996.
This act states that all healthcare providers insure the protection
of patient privacy, with HIPPA compliance required by April 14th
2003. The other key provision of HIPAA is also critical: portability
of information, and patient access. This will levy additional
requirements on healthcare providers and may prove a major challenge
due to the lack of standardization in existing systems across
the industry. In fact, it is likely that these portability and
interoperability issues will be the major cost factors for healthcare
establishments to address HIPAA.
The increasingly critical role that information
technology has played in improving the quality of medical service
and reducing its support costs makes finding cost-effective solutions
for HIPAA compliance necessary. It is also critical that healthcare
professionals be able to protect their existing investments in
computers and networks. Jade delivers a series of cost-effective
solutions that can meet the requirements for ensuring HIPAA due
diligence Lacking mandated standards, Jade delivers a series of
protection packages to provide a solid security foundation for
healthcare professionals. There are eight key
requirements to meeting current HIPAA standards. Jade solutions
address each of these eight key areas.
1. Contingency Plan: Organizations
must have adequate safeguards for providing electronic health
information in the event of an emergency. Jade's business protection
package offers complete backup and recovery for all workstations
in your organization. To ensure that the backup solution becomes
a part of the overall organization's security policy, Jade will
include a recommended backup schedule for your organization that
will yield minimal data loss during downtime. This schedule can
be integrated into your operational procedures for incident handling
and escalation.
2 & 8. Information Access Control
and Media Control: Our business protection package features
at a minimum firewall technology to lock down access to your data
systems and networks. Firewalls give you multiple ways to allow
or prevent access. To restrict authorization of sensitive patient
records to only authorized parties, Jade offers a variety of access
control products. These products allow you to migrate from password
security for your applications to stronger authentication techniques
that are user-friendly.
3. Security Configuration Management:
Rigorous control and documentation of when outpatient information
may be modified/accessed is an essential component of safeguarding
patient information. Healthcare organizations must document all
modifications and updates made to patient records. Our business
protection packages are formed from commercial products with specified
version number and application keys that form a security baseline
for your organization that can be rebuilt and documented under
configuration control. Jade's integrity protection products are
a valuable option in our business protection packages which ensure
that any data or technology modifications occur in a controlled,
approved method, and that an inadvertent or malicious tampering
of your baseline is detected and halted.
4, 5, 6. Security Incident Procedures,
Security Management Process and Termination: As
referred to in requirement one, organizations should implement
any security technology solutions with an overall corporate security
framework, building appropriate security measures within their
existing workflow process. Jade's experienced security engineers
will assist our customers purchasing a business protection package
in developing a formal corporate security policy including incident
handling and thorough password revocation process for terminated
employees.
7. Security Training: One of the
largest security weaknesses in any organization is an ill-informed
employee. Lack of thorough dedicated security training for the
workforce will render expensive security technologies useless
in an instant. Our business protection packages are accompanied
with up-to-date documentation explaining the proper usage of security
products. Additional consulting support may be required for your
IT administration staff. Jade offers rigorous training programs
as part of it's suite of IT security programs.
If you are a healthcare provider in search
of HIPAA compliant solutions, let Jade's business protection packages
provide a solid security foundation for your business.
Contact
us today for technical specifications and prices.
|