Navigation * Home / Solutions / SecureWave Sanctuary & HIPAA

SecureWave Sanctuary & HIPAA

The Final Rule

• Security standards to safeguard the « confidentiality, integrity and availability » of electronic information used in the health care industry
• Published by the Department of Health and Human Services on Feb. 20, 2003 in Federal Registry
• Part of the 1996 Health Insurance Portability and Accountability Act (HIPAA)

HIPAA - The Final Rule Basic Definition

Rules apply to electronic protected health information (EPHI), which is individually identifiable health information in electronic form.

Medicaid/Medicare - Health care clearinghouses, health care providers who maintain and transmit any protected health information in electronic form.

Protect the confidentiality, integrity, and availability of EPHI when stored, maintained, or transmitted

Implement and maintain appropriate administrative, physical, and technical safeguards to protect against threats or hazards to the security or integrity of EPHI

Objective of the final rule is to implement security mechanisms at 3 safeguards levels;

Administrative:
Enforce the procedures and policies per user / group / machine / task related

Physical:
Control physical access to I/O devices to complement classical physical security

Technical:
Implement SecureWave EndPoint security solutions to prevent host intrusion and its consequences

HIPAA and Sanctuary® Integrity and Stability
Sun Healthcare, Albuquerque, New Mexico

• 600 approved applications
• 1400 application in use (some approved, some needed, some questionable)
• CIO and Business Unit Leaders joint review and decision
• What should be policy? (Central and Business Units)
• What should be allowed? (Central and Business Units)
• How to resolve Conflict?
  Sanctuary® provided means for an informed understanding and course of action on policy setting and enforcement

ROI

• Saved $130K/month (contract support costs) by not re-imaging PCs to resolve unauthorized application errors
• Re-gained 33% net bandwidth by eliminating P2P apps like WeatherBug

“We had a virus that took our network to its knees. Microsoft, Symantec, Checkpoint could not solve the problem… in a week – SecureWave® was able to fix the problem.“, Zachary Grant,Senior network engineer

HIPAA and Sanctuary® Confidentiality and Availability
Ellis Hospital, Schenectady, NY

• USB drives are used for transferring data within the hospita
• lDoctors may leave their desks without logging out in case of emergency
• Authorize only staff that really need to service patients
• Doctors are opposed to heavy-handed security

Benefits

• Give doctors access to thumb drives under specific circumstances
• Protect patient information from unauthorized view
• Assurance to comply with HIPAA safeguards requirements for patient information protection.

"Through the implementation of SecureWave Sanctuary Device Control, the IT department at our facility is able to regulate the use of devices and give firm evidence of HIPAA compliance“,
Mark McGill, network engineer

If you would like to contact a member of our consultancy team today please either telephone or email;

Tel: +44 (0) 1622 812333
Email: consult@bii-compliance.com