AlertBoot New Encryption Compliance Reports Prepare Covered Entities For HIPAA Audits

Share Article

Stricter HIPAA requirements concerning PHI encryption are leading covered entities and business associates to adopt AlertBoot, a data security solution that comes with an integrated reporting engine that seamlessly keeps track and reports the encryption status of machines. These reports can be used as evidence under the HIPAA Breach Notification Rule as well as the HIPAA permanent program for audits that is scheduled to go into effect on October 1, 2014.

AlertBoot Square Logo
OCR appears to be set in enacting a program with an eye towards preventing HIPAA breaches. Such an ambitious program requires funding, and there's a good chance it might come from OCR levying fines.

AlertBoot, a leading provider of mobile device management and full disk encryption managed services, has seen a surge of interest in its services from HIPAA covered entities (CE) and business associates (BA). This high level of interest has been traced back to the Office of Civil Rights (OCR) plan on launching a permanent program for auditing HIPAA compliance efforts in 2014.

Because the Federal Fiscal Year starts on October 1, CEs and BAs are rushing to ensure compliance with the Final Omnibus Rule, which went into effect in September 2013. Although the deadline was over four months ago, many businesses and organizations are still struggling with HIPAA compliance. The approaching permanent program audit scrutinizes all facets of HIPAA – and not just technical ones like the presence of HIPAA-compliant full disk encryption – prompting CEs and BAs to bolster any PHI data security weaknesses.

"OCR is really stepping up to the plate when it comes to HIPAA breaches," noted Tim Maliyil, CEO and founder of AlertBoot. "While HIPAA has been around since 1996, it's only in the past couple of years that the HHS [Department of Health and Human Services] received the tools and enforcement authority to go after those who don't comply. Now, OCR appears to be set in enacting a program with an eye towards preventing HIPAA breaches. Such an ambitious program requires funding, and there's a good chance it might come from OCR levying fines for HIPAA compliance issues."

Indeed, OCR Director Leon Rodriguez has been quoted as saying that "OCR 'will leverage more civil penalties'" and that the office has "approval to bank penalties it collects to fund enforcement actions across fiscal years."

HIPAA regulations cover a wide berth, from patients' room listings to data on electronic devices, and guidance from multiple experts is necessary in order to completely comprehend the issues. When it comes to laptop encryption, AlertBoot can aid the struggling organization.

The AlertBoot managed full disk encryption solution for laptops is a NIST-validated, FIPS 140-2 approved solution that uses AES-256 encryption. Because HHS defers to NIST when it comes to details regarding encryption technology, covered entities and business associates know that they've addressed HIPAA Security Rule requirements regarding data-at-rest encryption for laptops.

The integrated, customizable reporting facilitates audits and compliance reviews. AlertBoot users can easily prove that computers are encrypted thanks to the cloud-based aspect to the FDE deployment and installation logs, which report on a computer's encryption status throughout its service life. If the computer is lost or stolen, you can present this report as incontrovertible proof that the laptop was protected, triggering safe harbor provisions under the Breach Notification Rule.

A partial list of benefits include:

  •     Password policy management. Ensure that proper password lengths and complexity is being used by employees and other members.
  •     Customizable reports. Insert and delete data as necessary on reports. Or create a new one from scratch to fit your needs.
  •     Encryption key backup. Encryption keys for ePHI recovery and data integrity are automatically backed up for easy management to disparate locations.
  •     Device agnostic / Multi-OS environment. Protection multiple devices from one console, be it Windows laptops, Macs, iPhones, Android smart phones, or tablets.
  •     "HIPAA compliant" encryption. HIPAA defers to NIST (the National Institute of Standards and Technology) when it comes to defining what type of encryption to use for protecting sensitive data. AlertBoot's FDE solution is FIPS 140-2 validated by NIST (certificate and listing can be provided on request).
  •     Lowest Total Cost. Pricing includes the additional costs that are traditionally not shown on price quotes, such as the management servers and software required to coordinate FDE installation and management, as well as licensing quotas.
  •     Fast deployment. As part of the "On-Demand Encryption" philosophy, clients can start securing laptops, smartphones, and tablets within minutes of signing up for service.

Learn today why HIPAA covered entities and business associates trust AlertBoot for their data security compliance requirements by contacting

About AlertBoot
AlertBoot Data Security offers a cloud-based data and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a secure web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe and lock, device auditing, USB drive and hard disk encryption managed services.

Headquartered in Las Vegas, AlertBoot is trusted by thousands of companies worldwide as part of their bring your own device (BYOD) and mobile information management (MIM) strategy.

For more information on AlertBoot Mobile Security solutions, please visit

Contact Information
Media Contact:
Sang Lee
VP Communications
+1 702-659-8890 x3734

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Sang Lee
+1 702-659-8890 Ext: x3734
Email >
Visit website