 |
 You are at Solutions
>> Cryptainer SE >> HIPAA |
| |
 |
Cryptainer SE meets HIPAA Privacy and Security Criteria
What is HIPAA?
The Health Insurance Portability and Accountability Act of 1996 has brought
information security to the forefront for healthcare organizations. Sometimes
dubbed the Y2K of health care, HIPAA imposes sweeping standards for the privacy
and protection of all electronic health information that can be linked to
individuals.
Health and Human Services (HHS) is publishing final HIPAA regulations
that affect virtually every area of health- related organizations in the United
States, from the one-physician office to multi-entity health systems, HMOs,
health care support services, and others.
A large part of this act is focused on the secure storage and transmission of
confidential patient data over computer networks.
Privacy regulations were released in December 2000. They were made final on
April 14, 2001, and will go into effect two years after that, in April 2003 and
security regulations have to be met by April 21, 2005.
|
|
Click here to download the Cryptainer SE
product brochure (PDF).
Please contact us if you wish to evaluate
Cryptainer SE or have any commercial inquiries.
Click on the Download button to download Cryptainer LE, a miniature version of
Cryptainer SE.
|
|
Cryptainer SE meets the Required Criteria of HIPAA Privacy and
Security Regulations . Additionally, it confirms to the addressable
requirements.
Key Product Features:
-
Be up and running in 5 minutes.
-
Volume sizes to 50 Gigabytes.
-
Works with all popular applications.
-
Looks and works like another hard drive.
-
Lightning fast!
-
Uses Blowfish and AES encryption algorithm.
-
Encryption key strengths of 448 bits in blowfish and 256 bit for AES.
-
Administrative recovery using public/private keys.
-
Easy to Use, Nothing to Learn!
-
No knowledge of encryption required.
-
No need to change your working habits.
-
No need to remember anything but your password.
|
| Non-compliance of these regulations will carry stiff civil and
criminal penalties. |
HIPAA Privacy and Security Compliance - A Common Sense Approach
Privacy and security are inextricably linked. You can't ensure the privacy of
patient information without security controls in place. In order to fully
comply with the Privacy Rule, organizations will need to understand and
implement a number of requirements outlined in the Security Rule. Thus it makes
good business sense to consider these standards together as you consider
measures for HIPAA compliance. Covered entities that take the appropriate steps
now to address both of these regulations will benefit not only from compliance
with HIPAA but will experience a return on investment by moving business
process on-line.
Most companies invest millions of dollars in putting up firewalls and trying to
secure their networks. Ironically they spend the least amount of money in
protecting the area where the data actually resides or is created-the PC's
employees use The cost involved in securing data at the user level is minimum
and its criticality maximum. Encryption renders your data, even if accessed by
an unauthorized person,unintelligible and unusable. By adopting encryption you
can ensure complete security and privacy of your data.
Meeting the HIPAA Privacy and Security Standard with Cryptainer SE
Our flexible, end-user dependent electronic security and privacy solutions
conform to the HIPAA guidelines and provide complete solutions to the
healthcare institutions electronic security requirements. Most end users of
HIPAA compliant electronic security products may not be conversant with
electronic security requirements and concepts.
-
Privacy Rule (Set out in Federal Register)
164.530(c)(1) Standard: Safeguards. A covered entity must have in place
appropriate administrative, technical, and physical safeguards to protect the
privacy of protected health information.
164.530(c)(2) Implementation specification: Safeguards. A covered entity must
reasonably safeguard protected health information from any intentional or
unintentional use or disclosure that is in violation of the standards,
implementation specifications or other requirements of this subpart.
-
Security Rule (Set out in Federal Register)
| Standards |
Sections Implementation |
Specifications |
Compliance |
Cryptainer SE |
| Access Control |
164.312(a)(1) |
Unique User Identification |
Required |
Meets |
| |
|
Emergency Access Procedure |
Required |
Meets |
| |
|
Encryption and Decryption |
Addressable |
Meets |
| Audit Controls |
164.312(b) |
|
Required |
Meets |
| Person or Entity Authentication |
164.312(d) |
Unique User Identification |
Required |
Meets |
| Transmission Security |
164.312(e)(1) |
Encryption |
Addressable |
Meets |
-
Security Rule (Set out in National Institute of Standards and Technology)
The HIPAA Security Rule specifically focuses on the safeguarding of electronic
protected health information (EPHI). Although FISMA applies to all federal
agencies and all information types, only a subset of agencies is subject to the
HIPAA Security Rule based on their functions and use of EPHI. All HIPAA covered
entities, which include some federal agencies, must comply with the Security
Rule. The Security Rule specifically focuses on protecting the confidentiality,
integrity, and availability of EPHI, as defined in the Security Rule. The EPHI
that a covered entity creates, receives, maintains, or transmits must be
protected against reasonably anticipated threats, hazards, and impermissible
uses and/or disclosures.
Resource Guide for Implementing the HIPAA Security Rule as published in
National Institute of Standards and Technology (NIST).
Download in PDF Format.
HIPAA Administrative Simplification; Proposed Rule (Set out in Federal
Register):
Health and Human Services (HHS) proposes to amend or renumber existing rules
that relate to compliance with, and enforcement of, the Administrative
Simplification regulations (HIPAA rules) adopted by the Secretary of Health and
Human Services (Secretary) under subtitle F of Title II of HIPAA (HIPAA
provisions). These rules are codified at 45 CFR part 160, subparts C and E. In
addition, this proposed rule would add a new subpart D to part 160. The new
subpart D would contain additional rules relating to the imposition by the
Secretary of civil money penalties on covered entities that violate the HIPAA
rules. The full set of rules that will ultimately be codified at subparts C, D,
and E of 45 CFR part 160 is collectively referred to in this proposed rule as
the "Enforcement Rule." Finally, HHS proposes conforming changes to subpart A
of part 160 and subpart E of part 164. The statutory and regulatory background
of the proposed rule is set out below. A description of HHS's approach to
enforcement of the HIPAA provisions and the HIPAA rules in general, the
approach of this proposed rule in particular, and each section of the proposed
rule follows. The preamble concludes with HHS's analyses of impact and other
issues under applicable law.
45 CFR Parts 160 and 164 HIPAA Administrative Simplification; Enforcement;
Proposed Rule as published in the Federal Register.
Download in PDF Format.
Comparison Matrix:
| Point of Comparison |
Other HIPAA Solution |
Cryptainer SE |
| Cost to enter |
High |
Low |
| Cost to maintain |
Very High |
Low |
| Cost to upgrade |
Very High |
Low |
| Total Cost of Ownership |
Very High |
Moderate |
| Return On Investment |
Low |
Very High |
| Expertise Required |
High |
Low |
| Ease of Implementation |
Very Low |
High |
| Timeframes |
High |
Low |
| Success Rate |
Moderate |
100% |
Click here to download the
Cryptainer SE product brochure (PDF).
If you wish to evaluate Cryptainer SE or have commercial inquiries,
please contact us.
Click on the 'download' button below to download Cryptainer LE
which is a 'scaled-down' version of Cryptainer SE.
|
|
|
Copyright © 1999-2008 Cypherix™. All rights reserved.
Privacy Policy | Sitemap
| Contact Us
|
|
|
