HIPAA defers to NIST on the specific requirements for encryption technology. There is also a requirement to keep accurate records. Using encryption is important, but so is the ability to prove that it was used when a device is stolen.
Las Vegas, Nevada (PRWEB) January 31, 2014
AlertBoot, a leading provider of mobile device management and managed full disk encryption services, has introduced a new reporting engine that makes it easy to prove compliance with HIPAA Security Rule requirements for computing devices that are used by dentists, including laptop computers, desktop computers, and smart devices like smartphone and tablets.
"Under HIPAA and the patient data Breach Notification Rule, the use of encryption is the only way to gain safe harbor if patient data is lost or stolen," noted Tim Maliyil, founder and CEO of AlertBoot. "HIPAA defers to NIST on the specific requirements for encryption technology. There is also a requirement to keep accurate records. Using encryption is important, but so is the ability to prove that it was used when a device is stolen."
While much has been publicized about the importance of encryption under HIPAA – such as the use of laptop full disk encryption on portable computers or desktop computers – equally important is demonstrating that a device was encrypted if it ends up missing. In addition, dentists that are covered under HIPAA must take into account NIST (National Institute of Standards and Technology) requirements involving encryption key length and data accessibility.
Small and medium-sized dental practices, which usually do not maintain an in-house IT staff, may find computer encryption to be complex and inapproachable. Outside IT services can relieve some of the burden, but only if the contracted firm is familiar with HIPAA-related issues. If relying on outside consultants, there are a number of aspects that dental practices should inquire about when selecting data security services.
First, ascertain if the use of encryption is documented in a failsafe manner. Encryption protects patients by ensuring that PHI doesn't fall in the wrong hands. Proof of encryption protects you from HIPAA. The integrated reporting found in AlertBoot easily provides documented proof of encryption.
Second, HIPAA has requirements regarding data integrity. Information on computers can become corrupted, requiring data recovery operations. In such instances, a copy of the encryption key must be produced. AlertBoot automatically backs up encryption keys so that information is not inadvertently lost.
Last but not least, there are the basic technical requirements, such as using an encryption algorithm that equals or exceeds AES-128 and is without known weaknesses (prevented by using solutions validated by NIST. Ask if a NIST certificate is available). The AlertBoot solution uses NIST-validated full disk encryption.
In addition, there are a number of advantages to using AlertBoot:
- Endpoint users are unable to uninstall FDE.
- Setting password strength policy.
- Ability to wipe data remotely.
- Supporting multiple users with individualized IDs and passwords on the same endpoint.
- Securing devices while in the field (remote deployment and installation).
To learn more about the advantages and convenience that comes with AlertBoot, please contact us at sales(at)alertboot(dot)com.
AlertBoot Data Security offers a cloud-based data and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a secure web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe and lock, device auditing, USB drive and hard disk encryption managed services.
Headquartered in Las Vegas, AlertBoot is trusted by thousands of companies worldwide as part of their bring your own device (BYOD) and mobile information management (MIM) strategy.
For more information on AlertBoot Mobile Security solutions, please visit http://www.alertboot.com/.
+1 702-659-8890 x3734