protecting personal health records - data at rest encryption
DESCRIPTION
The advantages of implementing an appliance-based encryption solution for protecting confidential data in the healthcare enterprise
TRANSCRIPT
Protecting Personal Health Records – Data at Rest Encryption
Privacy and Security of Personal Health Information
Protecting Data at Rest
Health Information Security
• Adoption and implementation of emerging health IT solutions must involve reassessment of security practices and policies
• Healthcare providers are expected to prevent the unauthorized access, use and disclosure of a patient’s protected electronic health information
• Developing a comprehensive strategy for ensuring the confidentiality, integrity and availability of electronic patient data will be required
Health Information Security
• Assessing the health IT environment requires an understanding of all technologies being used throughout the enterprise for clinical and administrative purposes
• Evaluate any possible situation for unauthorized access and use. Today, many individuals and groups have access to, and can share, electronic medical records and confidential patient information, including:
  • Government and public health agencies
  • Insurance companies
  • Hospital and physician office personnel
  • IT vendors and their business associates
• Part of the healthcare provider's comprehensive security strategy will include a professional-grade encryption solution
Encryption
• Is a process that transforms plaintext data (using a certified algorithm like AES – Advanced Encryption Standard) into a format that makes it unreadable without an authorization key
• The authorization key is a type of password and is required to encrypt and also decrypt the data
• Key Management is the process of monitoring the algorithms and the employees' keys, and is managed by a key custodian
• Changing keys regularly is referred to as Key Rotation, and is necessary in order to maintain optimum security levels
Encryption
• The key management and key rotation processes are the most critical aspects of data encryption
• Most conventional solutions are time consuming and can be difficult, especially with limited IT staffing and support
• A simple yet sophisticated technology is necessary in order to manage a continuous cycle of key creation, splitting, initialization, rotation and deletion
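Added example (not part of the original presentation, and not Dark Matter Labs or JANA code): a Python sketch of the key cycle named above, covering creation, splitting, initialization, rotation and deletion. The KeyRing class, its method names, the n-of-n XOR split between custodians and the SHA-256 fingerprint are assumptions chosen for illustration; the presentation does not say how any of these steps are implemented.

```python
import hashlib, hmac, secrets
from functools import reduce

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def split_key(key, custodians):
    """n-of-n XOR split: all shares are required, any fewer reveal nothing."""
    shares = [secrets.token_bytes(len(key)) for _ in range(custodians - 1)]
    return shares + [reduce(_xor, shares, key)]

class KeyRing:
    """Hypothetical key store: created -> active -> retired -> deleted."""
    def __init__(self):
        self.state, self.check, self.keys, self.active = {}, {}, {}, None

    def create(self, custodians=3):
        """Creation + splitting: only a fingerprint of the key is kept here."""
        version = len(self.state) + 1
        key = secrets.token_bytes(32)              # 256-bit, AES-256 sized
        self.check[version] = hashlib.sha256(key).digest()
        self.state[version] = "created"
        return version, split_key(key, custodians)

    def initialize(self, version, shares):
        """Initialization + rotation: rebuild the key, retire the old one."""
        if self.state.get(version) != "created":
            raise ValueError("version is not awaiting initialization")
        key = reduce(_xor, shares)
        if not hmac.compare_digest(hashlib.sha256(key).digest(), self.check[version]):
            raise ValueError("shares do not reconstruct the key")
        if self.active is not None:
            self.state[self.active] = "retired"    # decrypt-only from now on
        self.keys[version] = bytearray(key)
        self.state[version], self.active = "active", version

    def decrypt_key(self, version):
        """Old records stay readable until their key version is deleted."""
        if self.state.get(version) not in ("active", "retired"):
            raise KeyError(f"key version {version} is not available")
        return bytes(self.keys[version])

    def delete(self, version):
        """Deletion: overwrite retired key material (best effort), then drop it."""
        if self.state.get(version) != "retired":
            raise ValueError("only retired keys may be deleted")
        key = self.keys.pop(version)
        key[:] = bytes(len(key))
        self.state[version] = "deleted"
```

Records encrypted under a retired version must be re-encrypted under the active key before that version is deleted, because deletion makes them unrecoverable.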
Encryption
• Encryption is part of a comprehensive prevention strategy when used in conjunction with other technologies, and can be a first and last line of defense against:
  • Accidental loss or disclosure of confidential data by employees, business associates and consultants
  • Internal access by employees (malicious)
  • Lost or misplaced laptops
  • Theft
  • Office break-in
  • External breach / Hacker (malicious)
Types of Encryption Solutions
Software Solutions
• Limited security capability with inside employees
• Sold as individual licenses – can be very expensive
• Will decrease database performance
• Difficult and complex key management and rotation
• Typically requires a dedicated IT staff to manage and support
• May not support certain operating systems (Linux, Mac OS X)
Types of Encryption Solutions
Hardware or Appliance-based
• Lower Total Cost of Ownership – No licensing fees
• Can be installed at web, application or database server
• Does not affect system speed or performance
• Minimal integration and IT expertise needed
• Non-proprietary, can be used with any operating system
• Scalable to large organizations without additional licensing costs
• Offloads encryption processing from servers
Appliance-based Encryption
• Resides on the network and uses a hardware device to encrypt and decrypt at high speeds
• Offloads cryptographic processing from the database to improve system performance
• Scalable to handle any quantity of data
• Not operating system (OS) dependent. Typically compatible with most IT environments and networks
• Integrates easily with EMR, Practice Management, Imaging and Clinical information systems
• Ideal for hosted solutions
JANA Series Technology
• Award-winning encryption technology
• Complies with state and federal security and privacy rules
• Powerful, yet simple key management and key rotation features
• Works in any operating environment
• Can be used simultaneously by multiple (different) business applications
• Scalable to any size healthcare provider, from a physician office to the large, geographically dispersed Integrated Delivery Network (IDN)
• Manufactured in USA by Dark Matter Labs
JANA Series Technology
• Appliance-based solution offering superior performance and security
• Easy upgrading and updating when required
• State-of-the-art software delivered on a revolutionary hardware platform
• Offers strict control over encryption keys
• Increases network performance
• Can be interfaced with web servers, application servers (recommended), database servers, or customized servers
JANA Series Technology
• JANA appliances are award winning encryption solutions that completely offload intense cryptographic processing from overworked servers
• 3 Devices designed for small to enterprise-wide applications
• Employs government certified algorithms
• Completely independent of database, operating system, and application
• Units differentiate based on processing power, speed, number of Ethernet ports and high availability capability
Installation Diagram
Dark Matter Labs
• Offers an advanced level of security through an appliance-based solution
• Highest level customer support with an industry-first perpetual hardware replacement warranty
• Offers comprehensive technical support and encryption training
• No hidden costs, licenses or vendor lock-in when purchasing appliance-based technology
• Simple to install and use
Who should encrypt?
• All healthcare providers who access and store protected health information: hospitals, physician offices, pharmacies, clinics, labs, psychiatry offices, imaging centers and dentists
• Healthcare management organizations, i.e. HMOs
• Health insurance companies
• Commercial vendors, i.e. EMR software, Hospital Information Systems, Billing and Transcription, Hosting services, Imaging Equipment
Why encrypt?
• Protect data even in the event of a security breach
• Safeguard patient information
• HIPAA compliance, and
TO AVOID
• Financial loss (large fines, lost patients & revenue)
• Legal ramifications (regulatory or civil prosecution)
• Damage to professional image (negative publicity & media fallout)
Jana series encryption
http://darkmatterlabs.net