Comply with HIPAA and HITECH requirements provisions to encrypt electronic patient health information
Regulation
Active now
The HIPAA Security Rule requires healthcare organizations to use appropriate safeguards to ensure that electronic protected health information (ePHI) remains secure while the HITECH Act requires the timely disclosure of data breaches.
Thales eSecurity provides solutions to help implement technical safeguards for ePHI through:
The HIPAA Security Rule requires covered entities to implement technical safeguards to protect all electronic protected healthcare information (ePHI), making specific reference to encryption, access controls, encryption key management, risk management, auditing and monitoring of ePHI information. The HIPAA Security Rule enumerates examples of encryption methods that covered entities can employ, along with the factors to consider when implementing a HIPAA encryption strategy.
Enacted as a part of the American Recovery and Reinvestment Act (ARRA) of 2009, the HITECH Act expands the HIPAA encryption compliance requirement set, requiring the disclosure of data breaches of “unprotected” (unencrypted) personal health records, including those by business associates, vendors and related entities.
The “HIPAA Omnibus Rule” of 2013 formally holds business associates liable for compliance with the HIPAA Security Rule.
Vormetric Transparent Encryption provides file and volume level data-at-rest encryption to protect ePHI from unauthorized access. Vormetric Application Encryption adds another layer of security and HIPAA/HITECH compliance capabilities, enabling organizations to easily build HIPAA/HITECH encryption capabilities into internal applications at the field and column level.
Vormetric Key Management provides the integrated, secure encryption key management that meets HIPAA encryption requirements to separate keys and encrypted data. This solution enables centralized management of encryption keys for other environments and devices including KMIP compatible hardware, Oracle and SQL Server TDE master keys and digital certificates. And Thales nShield HSMs provide FIPS 140-2-certified, hardware-based protection and management of organizations' most critical keys.
Vormetric Data Security Platform access controls extend data breach protection by limiting data access to authorized personnel and programs. In addition, the Platform’s data access monitoring generates the security intelligence information required to identify accounts that represent a threat because of a malicious insider or malware-compromised account credentials.
Vormetric Transparent Encryption delivers data-at-rest encryption, privileged user access controls and security intelligence logs to proactively meet compliance reporting requirements for structured databases and unstructured files....
Mandate
Active now
Since June 5, 2014 federal agencies have been required to meet FedRAMP standards, ensuring they meet internal data security standards and extended security controls for cloud-computing.
Learn More Regulation
Active now
These regulations cover healthcare information in the US, HIPAA relates to protection; encryption, key management. etc and HITECH relates to disclosure of data breaches.
Learn More Regulation
Active now
United States Federal Law setting standards for a range of US companies, SOX Act sections 302 and 404 relate directly to data protection.
Learn More
Vormetric Encryption delivers what we need it to do – without any fuss or drama – knowing it’s in place is one less thing to worry about.Albert AvilaBusiness Solutions Specialist, Fujitsu America, Inc.
Thales e-Security is our standard. Whenever an encryption solution is needed, the answer is always, ‘let’s start with Thales e-Security.Damian McDonaldVice President of Global Information Security, Becton, Dickinson and Company
There is absolutely no noticeable impact on the performance or usability of applications. I am very excited at how easy the solution is to deploy and it has always performed flawlessly.Christian MuusDirector of Security for Teleperformance EMEA
Implementing Vormetric has given our own clients an added level of confidence in the relationship they have with us; they know we’re serious about taking care of their data.Audley Deansenior director of Information Security,
BMC Software
Vormetric’s approach of coupling access control with encryption is a very powerful combination. We use it to demonstrate to clients our commitment to preserving the security and integrity of their test cases, data and designs.David VargasInformation Security Architect
Cadence Design Systems
My concern with encryption was the overhead on user and application performance. With Thales e-Security, people have no idea it’s even running.Karl MudraCIO
Delta Dental of Missouri
The Vormetric solution not only solved all of our encryption needs but alleviated any fears of the complexity and overhead of managing the environment once it was in place.Joseph Johnson,chief information security officer CHS
As a global payment solutions and commerce enablement leader, Verifone’s strategy is to develop and deploy “best in class” payment solutions and services that meet or exceed global security standards and help our clients securely accept electronic payments across all channels of commerce. We selected Thales HSMs to provide robust security, unmatched performance and superior scalability across… Joe Majka,Chief Security Officer
