HIPAA Encryption And Data Security Compliance Is 60 Days Away

News provided by

AlertBoot

Jul 18, 2013, 06:45 ET


Las Vegas, NV (PRWEB) July 18, 2013 -- According to an internal survey by AlertBoot Data Security, a leading provider of mobile device management and managed full disk encryption services, entities subject to HIPAA regulations are scrambling to secure their devices against potential ePHI breaches.

The survey shows that many medical organizations and business associates are belatedly beginning to realize that the process of vetting, selecting, and deploying a data security solution can take much longer than anticipated. In addition, many are waylaid by unanticipated costs like "optional" management servers that simplify the deployment of security software. While not required, they are often necessary to meet targets such as the compliance deadline for the HIPAA Omnibus Final Rule of September 23.

"One of the major complaints we're hearing regarding the Omnibus rule is the timeframe," said Tim Maliyil, CEO and founder of AlertBoot. "Although the HHS allocated sufficient time for meeting compliance requirements, smaller entities underestimated the complexities of deploying security solutions. It's a terrible situation to be in and many are feeling desperate. Only 60 days or so are left until the deadline and many have yet to start encrypting their laptops or securing their smartphones and tablets. "

Data encryption is one of the mainstays of securing patient data. While its use is not required under HIPAA and HITECH, there is little leeway for avoiding encryption under the final rules. In fact, the HHS Office of Civil Rights (OCR) Director Leon Rodriguez was quoted earlier this year stating that OCR "loves encryption" and that "in the event of a breach, using encryption assures that that information is unreadable, unusable or undecipherable, which, basically, would qualify that entity for the safe harbors under our breach notification rule."**

In addition to the Breach Notification Rule, penalties of up to $1.5 million for HIPAA non-compliance are also driving increased interest in AlertBoot security software.

AlertBoot enables HIPAA covered-entities to protect laptops, smartphones, and tablets from one central console that is accessible via the internet. The AES-256, FIPS 140-2 validated cloud-based solution speeds up the deployment process, allowing its execution within days; the total cost is among the lowest when compared to similar offerings; and any surprise fees that could derail the budget, and the project, are eliminated with AlertBoot's transparent pricing.

"AlertBoot is revolutionary in how the solution deploys encryption and device management," noted Maliyil. "Weeks or months spent planning a company-wide installation using Active Directory or similar databases can be shortened to mere days. And, the customizable reports allow administrators to constantly monitor the situation from any device with internet accessibility."

Additional benefits include:

  • Independent third party verification. Clients can easily prove compliance by using our reports and avoid any suspicion of record manipulation.
  • 24/7 support and no separate need for an IT department. Administrators and users receive around-the-clock help for everyday issues including password resets.
  • FIPS 140-2 validation. HIPAA defers to NIST when it comes to the appropriate use of encryption and other data security issues. Under NIST recommendations, encryption should be validated using their processes and must feature an encryption strength equivalent or higher than AES-128.
  • Multiple Users assigned to one machine. Clients are covered if multiple people need to access a machine or terminal. IDs and passwords are not shared, in keeping with HIPAA requirements.

** Leon Rodriguez quote from http://www.modernhealthcare.com/article/20130105/MAGAZINE/301059959

About AlertBoot
AlertBoot Data Security offers a cloud-based data and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a secure web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe and lock, device auditing, USB drive and hard disk encryption managed services.

Headquartered in Las Vegas, AlertBoot is trusted by thousands of companies worldwide as part of their bring your own device (BYOD) and mobile information management (MIM) strategy.

For more information on AlertBoot Mobile Security solutions, please visit http://www.alertboot.com/.

Contact Information
Media Contact:
Sang Lee
VP Communications
+1 702-659-8890 x3734

Sang Lee, AlertBoot, http://www.alertboot.com, +1 702-659-8890 x3734, [email protected]