Overview

The Healthcare Insurance Portability and Accountability Act (HIPAA) mandates that healthcare providers take the appropriate steps to protect the privacy of this data, whether it’s being sent via email or stored on the desktop.

Solution Scenarios

Send test results to patients and doctors securely. Solution: Encrypted Mail

Send prescriptions to patients securely as a PDF attachment. Solution: Encrypted Mail

Protect patient medical records that are stored on hard drives, laptops and transferred on portable devices. Solution: Encrypted Documents

Set-up a collaborative community where doctors, clinics and hospitals can exchange messages and medical documents securely with a full audit trail. Solution: Encrypted Message eXchange

Why Encrypt?

Key business drivers of data and message encryption in the healthcare industry include:

Compliance and Risk

Echoworx data privacy applications comply with HIPAA allowing the healthcare industry to meet security and privacy requirements. Hospitals, clinics and medical offices have to take steps to protect their patient information.

Healthcare professionals should not overlook the major security risks associated with email systems. The HIPAA Security Rule states that any patient health information determined to be at risk must be properly secured to protect its confidentiality, including information transmitted via email.

Privacy Legislation

The Healthcare Insurance Portability and Accountability Act (HIPAA) was passed by US Congress in August 1996. The act requires the Department of Health and Human Services to ensure standardization of electronic patient data and implement security standards to protect the confidentiality and integrity of individual’s health information.

Customer Service and Value

• Speed-to-market with medical results
• Time efficiency for doctors that want to book appointments and communicate with patients onlinen
• Meets compliance regulations
• Non-compliance can have a negative impact on a brand image of a hospital or clinic
• Patient communications always remain protected

Key Benefits

Encryption for healthcare providers:

• Protects patient privacy by encrypting email communication that contains medical advice, test results and prescription information
• Complies with privacy and security requirement
• Allows patients and other medical professionals who are non-subscribers to unlock the encrypted email message
• Be certain, with digital signatures, that your patients will know it is really you emailing them
• Guarantee secure transmission of files containing patient information
• Safeguard email from being opened by unauthorized users and keep securely stored digital records
• Encrypt patient records and files sent electronically from unauthorized users
• Cost effective per user pricing
• No end user training required
• Minimal IT support required to manage users

Technology

The Echoworx Secure Services (ESS) platform is based on industry trusted standard PKI (Public Key Infrastructure) and S/MIME technologies for strong encryption and digital signatures, relying on standard X.509 certificates that are issued and managed for Echoworx’s data privacy applications, which include: Encrypted Mail, Encrypted Documents, Encrypted Document Presentment, and Encrypted Message eXchange.

The ESS platform is hosted in high-availability data centers operated by world class Application Service Providers. These data centers optimize data communications, message processing and storage of large volumes of data and offer fully redundant and uninterrupted service levels. The ESS platform provides a security framework that simplifies the end user experience of sending, receiving and storing encrypted documents by automating the management and use of digital credentials.

• Carrier Grade Architecture
  Unlimited scalability and high availability service.
• Standards Based Solution
  Industry-trusted PKI, X.509 certificates and cryptographic standards.
• Messages integrity
  Ensures message integrity through the application based digital signatures.
• Certification Authority Included
  No need to deploy and maintain expensive third party Certificate Authorities.
• Simple Deployment
  Fully hosted solution requires no end user administration.
• Simple Administration
  Intuitive and easy to use administration console for enrolling/disabling end users and resetting passwords.
• Industry Standard Encryption
  PKI, X.509, S/MIME, 3DES. AES, 128-bit SSL, 1024 bit RSA keys with MDS and SHA-1.