What are the HIPAA Requirements and how can SafelinkID help you meet these requirements? Section 1173(d) (2) of the 1996 HIPAA Act stipulates that healthcare organizations (that maintain or transmit electronic patient information) shall maintain reasonable and appropriate administrative, technical, and physical safeguards to:Ensure the integrity and confidentiality of the information Protect against any reasonably anticipated threats of hazards Secure the information, as well as identifying unauthorized uses or disclosures of the information Ensure compliance of these requirements by the officers, employees and clients of the company Ensure activity logs are monitored and archived daily Back up and restore functionality is conducted at least on a daily basis Password management must be maintained and populated
HIPAA Requirement
How can SafelinkID help as a formal mechanism for processing records? Section 142.308(a.4) Defined access Policies and the use of SSL Encryption Secure sensitive health data assists in meeting this requirement Security configuration management Section 142.308(a.8.i) SafelinkID administration console assists in complying with the documentation of written security plans, rules, procedures, and instructions concerning all components of an entity's security. Security Incident Procedures Section 142.308 The SafelinkIDSAS appliances log every remote access event, automatically providing documentation of any security incidents; assisting you in taking action on any attempted security breach. Removal of User Accounts Section 142.308 User accounts can be deleted with the SafelinkID administration console or from the external directory from which SafelinkID synchronizes user accounts. Technical Security Services and Mechanisms to Provide Access Controls Section 142.308 SafelinkID provides context, role and user-based access health organization resources. Access control is achieved through the use of public/private key encryption, which requires secure authentication before the decryption process begins. Technical Security Services and Mechanisms to Provide Audit Trails, Event Reporting and Alarms Section 142.308 SafelinkIDSAS appliances provide event logging and auditing capabilities for every remote access activity. Technical Security Services and Mechanisms to Provide Authorization Control Section 142.308 The SafelinkIDSAS SSL Compliancy Appliance utilizes username/password, one time user passwords, answers to questions and robust access control to define services a user may access. In addition, the SafelinkIDSAS Appliance can provide two-factor strong authentication to your cell phone, email, PDA or pager. In the absence of email or cell phone notification, the SafelinkID Appliance can provide two-factor authentication through a shared secret. Data Authentication and Integrity Section 142.308 SafelinkID utilizes 128-bit Secure Socket Layer (SSL) encryption to secure all data traveling over the internet. iSmart Connect also can provide the following security tool: Port Scanner Network Sniffer Intrusion Detection with Denial of Service Backup & Restore capabilities with a built in scheduler File & Folder Protection Secured Instant Messaging Entity Authentication Section 142.308 SafelinkID supports the stated requirements with: a) automatic log off, b) unique user identifiers, and c0 user authorization. Electronic Signature Standard Section 142.310 The SafelinkIDSAS SSL Compliancy Solution currently support SSL Digital Certificates.
If you have additional questions on how the SafelinkIDSAS Compliancy Appliance can help you meet HIPAA requirements, please contact us directly by phone at 949-936-2690 or at info@safelinkid.com
