PCIC’s Technologies are HIPAA Compliant
As of April 2005, the Health Information Portability & Accountability Act (HIPAA) security standards mandate that all health care providers establish a contingency plan to respond to any type of computer disaster involving potential data loss. PCIC technology fulfills the requirements of HIPAA, including data integrity, authentication, contingency planning, and access and audit controls as they relate to electronic Protected Health Information, including:
• User authentication
• Role-based access
• Encryption of data (128-bit AES encryption)
• Offsite data storage outside of the organization
• Secure storage facility
• Transmission reports
What is HIPAA and Why is it Important?
HIPAA provides national minimum standards to protect an individual’s health information. HIPAA covers protected health information (PHI), which is any information regarding an individual’s physical or mental health, the provision of healthcare to them, or payment for related services. PHI also includes any personally identifiable information, for example Employer Identification Number, social security number, name, address, phone number, medical condition when linked to a patient, and some types of billing information. In order to be compliant, organizations must design their systems and applications to meet HIPAA’s privacy and security standards and related administrative, technical, and physical safeguards.
Privacy & Security Rules
HIPAA’s Privacy Rule requires that individuals’ health information is properly protected by covered entities. Among other requirements, the Privacy Rule prohibits entities from transmitting PHI over open networks or downloading it to public or remote computers without encryption. The Security Rule requires covered entities to put in place detailed administrative, physical and technical safeguards to protect electronic PHI. To do this, covered entities are required to implement access controls, encrypt data, and set up back-up and audit controls for electronic PHI in a manner commensurate with the associated risk.
Privacy Controls: Encryption Both in Storage and in Transit
HIPAA’s Privacy regulations include standards regarding the encryption of all PHI in transmission (“in-flight”) and in storage (“at-rest”). Your data is encrypted before it leaves your computer using the same 128-bit AES security. Data is then transmitted to PCIC servers using SSL (Secure Sockets Layer) technology, so your data is encrypted twice. (To crack one encryption key will take 77,000,000,00,000,000,000,000,000 years!)
Data Center Compliance & HIPAA Rules
Customer files are stored in encrypted form and can be accessed with an encryption key that only the customer has. Not even PCIC personnel can access your data.